[GH-ISSUE #1329] Add WireGuard to TRMM so servers can be hosted anywhere without any port forwarding. #828

New issue

Closed

opened 2026-03-02 02:19:18 +03:00 by kerem · 3 comments

kerem commented 2026-03-02 02:19:18 +03:00

Owner

Copy link

Originally created by @applebyp on GitHub (Oct 26, 2022).
Original GitHub issue: https://github.com/amidaware/tacticalrmm/issues/1329

I'm testing TRMM behind a Zerotier SDN. It's working ok but tricky to route LAN to the SDWAN.

If TRMM server and agents had WireGuard baked in there would be a big jump in security.

Originally created by @applebyp on GitHub (Oct 26, 2022). Original GitHub issue: https://github.com/amidaware/tacticalrmm/issues/1329 I'm testing TRMM behind a Zerotier SDN. It's working ok but tricky to route LAN to the SDWAN. If TRMM server and agents had WireGuard baked in there would be a big jump in security.

kerem 2026-03-02 02:19:18 +03:00

• closed this issue
• added the
  dev-triage
  label

kerem commented 2026-03-02 02:19:19 +03:00

Author

Owner

Copy link

@silversword411 commented on GitHub (Oct 26, 2022):

Currently WireGuard is outside TRMM core scope, and is a separate service you can add yourself.

At the current time, I think this would be outside scope.

FYI, you are still going to have to forward the Wireguard port.

<!-- gh-comment-id:1291851470 --> @silversword411 commented on GitHub (Oct 26, 2022): Currently WireGuard is outside TRMM core scope, and is a separate service you can add yourself. At the current time, I think this would be outside scope. FYI, you are still going to have to forward the Wireguard port.

kerem commented 2026-03-02 02:19:19 +03:00

Author

Owner

Copy link

@NiceGuyIT commented on GitHub (Oct 26, 2022):

I use Nebula which doesn't have routing like a traditional VPN. Routing is determined by the address you request. If DNS returns the SDWAN IP, routing uses the SDWAN. If DNS returns the WAN IP, routing uses the WAN. DNS is part of the implementation.

When setup like this, I don't need to have WireGuard in the agent, or ZeroTier for that matter. I just need control of the DNS for the domain hosting TRMM to tell the agents to use the SDWAN IP.

<!-- gh-comment-id:1291929613 --> @NiceGuyIT commented on GitHub (Oct 26, 2022): I use Nebula which doesn't have routing like a traditional VPN. Routing is determined by the address you request. If DNS returns the SDWAN IP, routing uses the SDWAN. If DNS returns the WAN IP, routing uses the WAN. DNS is part of the implementation. When setup like this, I don't need to have WireGuard in the agent, or ZeroTier for that matter. I just need control of the DNS for the domain hosting TRMM to tell the agents to use the SDWAN IP.

kerem commented 2026-03-02 02:19:19 +03:00

Author

Owner

Copy link

@wh1te909 commented on GitHub (Oct 26, 2022):

yea wireguard or any vpn technology doesn't have anything to do with the actual trmm software functionality. you can deploy trmm however you want, behind whatever network or proxy you want. so definitely outside the scope of a feature request

<!-- gh-comment-id:1292616404 --> @wh1te909 commented on GitHub (Oct 26, 2022): yea wireguard or any vpn technology doesn't have anything to do with the actual trmm software functionality. you can deploy trmm however you want, behind whatever network or proxy you want. so definitely outside the scope of a feature request

kerem referenced this issue 2026-03-14 04:08:22 +03:00

[GH-ISSUE #828] Blank disk list in Summary #2469

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

master

1.0.0

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.20.1

v0.20.0

v0.19.4

v0.19.3

v0.19.2

v0.19.1

v0.19.0

v0.18.2

v0.18.1

v0.18.0

v0.17.5

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.5

v0.16.4

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.12

v0.15.11

v0.15.10

v0.15.9

v0.15.8

v0.15.7

v0.15.6

v0.15.5

v0.15.4

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.8

v0.14.7

v0.14.6

v0.14.5

v0.14.4

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.4

v0.13.3

v0.13.2

v0.13.1

v0.13.0

v0.12.4

v0.12.3

v0.12.2

v0.12.1

v0.12.0

v0.11.3

v0.11.2

v0.11.1

v0.11.0

v0.10.5

v0.10.4

v0.10.3

v0.10.2

v0.10.1

v0.10.0

v0.9.2

v0.9.1

v0.9.0

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.32

v0.4.31

v0.4.30

v0.4.29

v0.4.28

v0.4.27

v0.4.26

v0.4.25

v0.4.24

v0.4.23

v0.4.22

v0.4.21

v0.4.20

v0.4.19

v0.4.18

v0.4.17

v0.4.16

v0.4.15

v0.4.14

v0.4.13

v0.4.12

v0.4.11

v0.4.10

v0.4.9

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.23

v0.2.22

v0.2.21

v0.2.20

v0.2.19

v0.2.18

v0.2.17

v0.2.16

v0.2.15

v0.2.14

v0.2.13

v0.2.12

v0.2.11

v0.2.10

v0.2.9

v0.2.8

v0.2.7

v0.2.6

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.8

v0.1.7

v0.1.6

v0.1.5

v0.1.4

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels   

In Process

  

bug

  

bug

  

dev-triage

  

documentation

  

duplicate

  

enhancement

  

fixed

  

good first issue

  

help wanted

  

integration

  

invalid

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

requires agent update

  

security

  

ui tweak

  

wontfix

No labels

In Process

bug

bug

dev-triage

documentation

duplicate

enhancement

fixed

good first issue

help wanted

integration

invalid

pull-request

question

requires agent update

security

ui tweak

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/tacticalrmm#828

No description provided.