It began with WireGuard — a lightweight VPN solution that securely tunneled connections back to a local network. While effective, performance was largely dependent on your network’s upload speed, which wasn’t ideal in every scenario.
Next came Tailscale. By creating an overlay network on top of an existing infrastructure, Tailscale addressed the speed limitations seen with WireGuard. However, this introduced new complexity: learning and managing the virtual IP addresses assigned within the overlay network, along with manually registering each node to form the mesh.
Then came Firezone.
Firezone is a zero-trust VPN solution that blends the strengths of both WireGuard and Tailscale. It provides WireGuard-level access with a much more streamlined, Tailscale-like configuration experience. Most of the setup is handled through a centralized portal — simply sign up, deploy a gateway on your server, configure users and permissions, install the client, and you’re ready to go.
I plan to run Firezone alongside my existing WireGuard and Tailscale configurations in my lab environment. Their free tier is generous and well-suited for home labs and learning environments, while paid options are available for organizations looking to deploy at scale in production. In many ways, Firezone feels similar to solutions like Zscaler, particularly in its zero-trust approach.
The free tier includes:
– Up to 6 users
– 10 service accounts
– 10 sites (subnets count as one site)
– Unlimited policies and resources
If you’re looking to modernize your VPN approach or explore a more flexible zero-trust solution, Firezone is well worth a look.
