Sure. Any decent firewall like pfSense can implement this. WireGuard creates a virtual NIC, and you allowlist traffic over the WireGuard NIC and block all but the VPN traffic on the public interface.
Oh yeah it’s trivial for me to do purely on my devices, I’m curious about solving it for a situation where, say, I ship devices to a group that should have access to the network, and want high confidence in the security of those devices.
I think it’s one of those things where there’s only so much you can do if you’re shipping devices on the network to other people. But I’m curious about exploring all those things you can do, and seeing where the limit actually is.