Netmaker - A powerful, open source, self hosted, GUI for setting up Wireguard networks and VPNs.

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] it's your open source Advocate and I'm back with another video and today I'm going to talk about net maker now if you've been looking for a really great way to set up a wire guard Network a way that gives you an option to have people sign in and have permissions to certain networks or certain devices if you've been looking for a way to set it up with a graphical user interface that really gives you a ton of power over how you set up your network the net maker is going to be the solution for you this is a really cool project and I had a really really great opportunity to sit down with Alex the creator of netmaker a couple of times over the last week and we just talked about all kinds of things but just when it came to net maker there was such a passion about making networking easy that it was easy to tell that that was something he was really after and what he was really interested in he took some time he explained to me how to use net maker to set up a few different scenarios that I think will be excellent whether you're doing this for your business or if you're doing this for home use for personal use whatever I really think you're going to enjoy this video I'm going to show you how to install net maker how to get it up and running and how to set up a couple of different scenarios that we can use that will be really useful and there's just so much more you can do with it I couldn't possibly cover all of the options but once you see how to do a couple of things I think your imagination can take you a really long way stick with me and we're going to get in the install right after this I want to say thank you to all of my subscribers and all of my patrons over at patreon seriously you guys make this so worth it for me to do these videos every week I really truly enjoy it and I just can't say thank you enough if you're enjoying these videos subscribe let YouTube know that I'm doing a good job by subscribing to the channel plus you'll get notified when I have new videos coming out and finally if you're enjoying what I'm doing give it a like just click on that thumbs up and that way YouTube knows that you like it and they'll pass it along to other people that might enjoy my content as well I really appreciate it thank you again let's get started so I've already installed the server we're going to start off first just showing you how you can do some different things with netmaker and then I'll go through the installation processes later and talk about some of the things you can do there but I want to let Alex kind of take it away and show us what he's got today and he's just going to be using a server that my set up just before we started this so Alex go and introduce yourself to please hey I'm Alex I am founder of netmaker and yeah we create wireguard virtual networks and try to make it easy for you so happy to be here yeah so I guess to get started we were last talking about I kind of shared your login with me but we can also just create an admin user for myself so I'm gonna do that so that we don't have to share passwords or anything so I give myself a login and if you had a networks we could make me just the admin of an individual network but um maybe a super admin here just give myself lots of privileges and yeah I should be able to log out log back in as myself nothing's ever gone wrong giving somebody full access to your servers right yeah yeah you definitely want to be careful with it hey I don't really want to expose this dashboard to the public which is totally understandable so uh if that is an issue we have in the docs here way down at the bottom it tells you how to set up your security settings so that only particular IP addresses can reach your dashboard the first thing you want to do is create a network obviously um so yeah you can go ahead and go your network page and then click to create network and I guess Brian what do you want to call this network um let's just call this remote access one that's fine yeah just keep it simple might be above our character count let's see one two three four five six seven eight nine ten eleven twelve dang we are one character too high oh well let's just call it remote one how about that one okay yeah and the reason there is actually a naming scheme we do when we set up interfaces um we set up the network interfaces on machines using the network name and um we had a little dependent thing to it as well so if the network name is too long we actually can't use it as an interface name okay good to know um yeah so we could also autofill this just to get some you know random values in there I guess IP address yeah that IP address looks fine Okay cool so that's yeah pretty much it then uh main things are name address range you can turn IPv6 on if you want probably don't need it for this use case and then the one other one you want to think about is UDP hole punching if you want to have that on or off and then you just go ahead and create that and let's go into the background is creating the network and adding the server to the network then the next step would be to add machines into our Network and you can do that a couple ways so if we go to our access Keys page this is typically How We Do It Let's do create an access key and you give it a number of uses you can always invalidate and access key so once you create it they give to you a token it gives you some install instructions and you can also join a network just using your username password if you want so that's the other way to do it and not use an access key at all um but yeah so I guess we have that what you want to do is go to your machines and run the install for the client all right we're going to follow another quick install guide now the best way to run this is absolutely to set up a VPS in something like digitalocean lenodevolter AWS they suggest any of these they do give a warning down here about Oracle free tier just be aware that they've seen that using that one you can have some issues with the interference in the network things like that so so be aware it's not that you can't use it it's just that they've seen some issues so they do give you a little warning about that that said there's a little bit of DNS setup that we want to do so again if you're going to do this for business or if you're going to do this for home if you want to have your own domain it's very inexpensive to get a domain you don't have to get a super expensive domain you don't have to get a DOT IO that's going to cost you 50 60 you don't have to get a DOT org you get anything that that you can point to the server that you're going to set up so we're gonna do a little a little bit of pre-set up first thing I'm going to do is I'm going to open up digitalocean and create a droplet and we'll kind of go through that together it's really easy if you've never tried it before I do have a affiliate Link in the description for digitalocean it'll give you a 200 credit for 60 days to try out digitalocean which means you can set up a lot of servers and for like the little the little one we're gonna set up today is like six or seven bucks a month that's that's a lot of a lot of servers like that you could test out things on um if you do that and you stick with them I get a credit if you don't it's no big deal just to be very clear about what happens if you do that that that's what it is so if you want to go to the node AWS anybody else it's fine I'm just letting you know that I do have an affiliate link if you want to try them out for free you can do that all right here on digitalocean if you want to create a droplet it's really not that hard and you see I've got one here set up that I've been playing with but you go over here to create and you pick droplets that's what they call their virtual private servers I'm just going to do a Ubuntu 2004 or 2204 server that works perfectly fine for what we're going to do I'm going to just dot this little check box and pick this six dollar a month droplet here it's plenty it's it's a one gigabyte RAM and then it's got one virtual CPU now on their site they suggest at least two gigs of RAM so you could jump up to this 12 one if you want to but I think the six dollar one so far has worked fine for me now it depends on how many connections you're going to have if you're going to set this up for a lot of people you know start thinking about just bumping up a little bit because at some point you have to handle that traffic you have to have the transfer that kind of stuff so so be aware of that but for now we're gonna we're gonna set up the six dollar one right here we're gonna go down pick a place that is geographically close to you physically close to you just cuts down on latency so for me New York San Francisco doesn't really matter right in the middle of the country so that's easy and then we're going to go down I do want to set up my SSH keys so I'm going to set up the the two that I know I have on the machines where I can access this droplet from and this is just my public key it's not going to hurt anything for you see that don't worry about that and then as we move down I'm just going to call this thing and I'm going to call it net maker um the it Pros something like that something for me to identify it in the list and then we're going to click on create so that's going to go out it's going to create my base Ubuntu droplet it's not going to be anything massive or major but what I need to get out of it is an IP address that's a public IP address which is great that's the nice thing about digitalocean let out any of those they they give you a server with a public IP address that doesn't change so that's really nice while we're waiting on that I'm going to go over to my gitlab and I'm going to get ready to install Docker CE and Docker compose now you can you can follow their instructions directly and their instructions just tell you you're going to use Docker IO and Docker compose instead it's up to you but I like Docker CE so I'm going to use that one so we'll get down to that part here in a minute but we're going to set up our DNS and do some of this prep stuff first so I'm going to go back over here I'm going to go into my Docker installs library and again I'll have a link for you guys I'll have instructions on exactly how to do this in the show notes so it makes it a lot quicker for you you don't have to kind of do the method that I'm doing right now and then we're going to go back over here to digitalocean I've got a public IP address now so that's good I'm going to copy that public IP address and then if you followed Along on setting up the email server you know that we set up a custom DNS server as well so I'm going to go here to my to my box.ditpros.org admin and I'm going to go to custom DNS and I want to add a custom DNS record to keep this easy we can create a record that has asterisk.netmaker.the itpros.org which means anything.netmaker.ditpros.org will point to This Server that we're about to set up so that's that's really important whenever we're doing this now I want to make sure I go to custom DNS not external DNS so we're just going to type in the name that we want which is asterisk.net maker and you can see I've done this before and then it puts dot the itpros.org right here it's going to be an a record so I'm just going to leave this where it is and then I'm going to paste in that IP address that I just got from digitalocean and I'm going to save that record and this should come up and tell you it was successfully updated which is great and that's going to take a few minutes to propagate so no big deal no hurry what we're going to do is make sure we've still got this IP address copied and we're going to open up a terminal console whatever you want to call it and I'm going to SSH over to that server so just SSH root at the server IP address I'm going to type in yes and then it'll check my keys and I'm in so first thing we want to do is update and upgrade the server to make sure everything is up to date so we're going to do you have to do pseudo if you're rude but you you can it's a habit for me apt oops let's see sudo apt update Ampersand Ampersand sudo apt upgrade Dash y and it's going to go out and try to actually find all the updates for the server run those things and get the server itself up to date now while it's doing that we can actually open up another terminal do SSH root add and just paste in that same IP address I'm going to make this bigger for you guys and then we can do Nano install Dash docker.sh we're going to go back to our browser we're going to grab this text one more time we're going to go back to our terminal and we're going to paste it in and then we'll save with Ctrl o exit with control X so we've got our install docker.sh we can change that to have executable permissive permissions with chmod plus X install Dash docker.sh now again I'll have instructions on how to do all this stuff in the show notes you can just copy paste commands and get this set up the same way it'll have a slightly different method for doing it but really and truly almost the exact same method now that we've got that part done I can close out of this terminal here and we should have the other terminal still running there in the background all right that finish so we're just going to do a reboot and we'll give that about 20-25 seconds and we'll log back into that server all right we've given that a few seconds let's see if we can log back into the server and we're in great so if we do an LS we can see that install docker.sh file here that we made executable while ago so we're just going to run that with DOT slash and then the name of that file it's going to tell us a little bit about our system so we have 2204 so we're going to pick option number four down here and then we do want Docker CE so we'll put a y Docker compose we'll put a y and the rest of these we're going to put in n so this is just going to go out and the first is going to try to update and upgrade the system now if you're running this on digitalocean I recommend doing exactly what I did which is run the update and upgrade first and then run this script because when you run it on a VPS sometimes it pops up with a message in the terminal asking you to do something because it has a different setup that the digitalocean set specifically for your VPS and this script does not present that to you it it just doesn't so it'll seem like it's hung on this first step for a long long time now it could take a while to upgrade the server depending on how long it's been since you ran that but as long as it doesn't pop up anything in the background just runs the upgrade it'll finish and continue on but if it does then this will seem like it's hung and you won't see that so that's why I did it that way and there it is and the next thing it'll do is try to install Docker compose it's going to set up the user if you're logged in as a regular user this will set up the the actual user as part of the docker Group which helps run Docker command without sudo but in this case the the expectation is that you're going to be logged in as root in order for netmaker to do some of the things that has to do for setting up your network and things like that all right everything's installed that's great so we're just going to do docker PS just to make sure it comes up with something like this if you see this then docker's working you're you're set up so we can clear this out and we're going to go back to their instructions so we already prepared our DNS now there's three different domain things that they want set they want dashboard.netmaker.yourdomain and then api.netmaker then dot your domain and then broker.netmaker.yourdomain that's why I did the star because it should help us get these things set up automatically in the background which is great so the next thing we do is install our dependencies so they give us a couple of commands that we need to run so first sshn is root and then run the update which we already did and then it wants us to install um Docker io.compose which we've already done but we also need to install wireguard so we'll go back and actually run that so sudo apt install wire guard Dash y and that's done and then the next thing is a little bit of firewall setup Now by default in digitalocean the VPS firewall is turned off you can go and turn on a separate firewall Appliance in front of the VPS which is kind of nice but if you do you need to make sure you've got ports open and it just gives you the port ranges you need to have so you can go ahead and run this you just copy this and it's using the uncomplicated firewall ufw so if you're using a different different operating system you'd have to adjust for this for sure so I'm just going to go back over here paste that in and run it real quick it doesn't take long then we're going to come back and do one more here for iptables and switch back run that one real quick and I'm just copying and pasting literally right out of there out of their documentation here now the next thing is to install net maker so there's a few things to do here so we're going to prepare Docker compose so we're going to run this Command right here first and we're just going to go over here and run it there we go and it grabs the IP address of our of our server so we're going to run this wget to go grab their Docker compose file and it will pull that down for us and then we'll add a few things to that file using these said commands and then we'll be just about ready to run so we're just going to copy that one paste it in there it is now if we do an LS we should see that we have my my Docker installer script the log from that and then dockercompose.yaml great and then we will switch back and we're going to go here and we're just going to run this said command we've got to replace what's inside these angle brackets with what it's asking for but other than that we should be set so I'm just going to hit a tab here and go back and I'm just going to go back here to this slash I'm going to erase everything to there and this is netmaker dot the itpros.org [Music] we're just going to hit enter and then we've got to go back and grab this next one and it wants the IP address of our server so again we'll just go back here to this slash right before the G get rid of everything in the angle brackets and we'll put in our IP address which we will go and just get from digitalocean if you remember it it's fine just to type it in as well and then we'll paste that in there and hit enter and then we need one more command here and this just wants our email address and you can use any email address you want to here um so I'm just going to go this way hit enter then we're going to move down and it wants us to generate a unique key so we're just going to highlight this top command here first and we're going to run that and it gives us that key and then we're going to use this said Command right here and we're just going to back up again take out everything in the angle brackets we're going to highlight this key and we can right click and copy it and then one more back I think there we go we can right click and paste it and there's the key there we go get rid of that return line if it happens to add one for you now we've got it there's our there's our said Command put everything in the right place here one more thing where we go grab this file this special file so it's going to pull that down it's going to pull down basically an mq which is just a messaging queue configuration file that we need it's already preset nothing to change in it it pulls that down I'm going to clear this out so we can keep going here and I think we're ready we're really ready to run Docker compose up Dash D now you can run it with sudo if you want to but in this case we're logging as root so we don't need to and I'm just going to hit enter that's going to pull down all of the images that we need including the net maker stuff that's pretty fast these are these are not huge files they unzip really quickly especially on these digital ocean droplets with these ssds when it comes up and it'll tell us if everything comes up and running they should get it done basically and then in the documentation once you've done that it basically says go to dashboard.yourbase domain and you should be able to get to the netmaker dashboard so we can jump over here we don't need this code anymore so we can go to net dashboard dashboard.net maker Dot vitpros.org and there we go now we need to create an account again you can use any email you want to for this account it doesn't have to be uh the email you put in then give it a nice strong password and repeat it and hit create if everything goes well it'll come up to this screen where you're going to then use that information to log in and you can tell it to save or not save it's really up to you kind of what you do there once you're into the dashboard really net maker is running so you've now got a wire guard system running in the cloud and we can do a lot of stuff with this but the first thing we actually need to do is create a network so you come up you really have nothing here this is kind of your dashboard where you can get an overview of what's going on so you can see how many access keys there are how many external clients and we'll explain the difference between external clients and net clients or yeah their net client agent basically so nodes everything like that so you can get a nice quick overview of your network but we're going to click in and we don't we don't really have any networks yet so we're going to create a network and we're going to give this a network name we're just going to call it the it Pros and then address range ipv4 now they have this auto fill you can just click this and it'll kind of do whatever it wants but you can see it replaced my name here you want to be a little careful with how long you make this so we're going to do the IIT Pros pretty pretty short I think it's 12 or 13 characters it's because of how they set up your network interface naming there's some stuff that they append to it and things like that that they know to look for so so be careful with this yeah there it is 12 lowercase characters so don't try to make a mixed case or anything like that um it gives us an IP address that's already in the private IP address range space it's up to you if you like this or if you want to change it for me it's fine next thing is if you want IPv6 you can turn that on right here I'm not going to use IPv6 but feel free UDP hole punching is another one so they have it on by default I don't know if it needs to be on I'm going to turn it off if we need to come back and turn on we can always do that default access control I mean just a few little different options for your network but for the most part we're set we're going to create the network and you'll see it pops up right here now we've got this network that's great we've created a network but what can we do with it so this is kind of where their net client install comes in now if you're running on a Linux system like I am you can try to use the net client if you have a server that you're going to put on this network you can use the net client so there's a lot of a lot of different things you can do with the actual net client itself so what I'm going to do is I'm actually going to go and install the net client on one of my servers here inside of my network that's the that's the first step what I want to do is I want to create a connection from outside on the internet from my digitalocean VPS server to the inside of my network so I want to be able to go from outside my network to inside my network and actually access something so the first thing we're going to do is just a peer-to-peer connection from outside of my network to inside my networks what we're going to do is we're going to go and we're going to create some access keys so first thing we need are access keys and you it asks you which network because you can make multiple networks so you're going to pick the network you want to create access cues for and then you can create multiple access keys I don't know why it brings you to this page and then doesn't have the network you picked but pick it again and then do create at create access keys and right here you're going to give it a name so this is uh my Network you could call this Bob's Network Joe's Network bills machines you know depending on how you're setting this up you can set this up where you have multiple developers who need to access certain machines but only that developer needs access to it so you create his Network and only his machines are on his Network you have to worry about other people trying to access those machines you could have an entire office Network where it's like North Office South office I mean just really kind of up to you so as you're going through this think about how that works but you can create these Keys you can create more than one doesn't be one key per machine or anything so I'm going to create let's just call this five keys so I've created the keys and then they give you these instructions on how to set this up now you need to have the net client installed so if you're going to install the net client you need to go and find the net client instructions again I'll have these links in the show notes in the description and then we're going to basically use this just join command for the net client right here now they have net clients for Linux for Windows for Mac OS and they have graphical user interfaces for Windows they have them for Linux but it does not get installed by default with the actual client whenever you're installing so be aware of that but they have instructions for Debian distros Red Hat distros Arch so you kind of have a good option set here for these but again if you just if you don't have a net client option for some reason or it's not working for you you can try to use it as an external client quote unquote which is just basically getting the wire guard config and running it straight up from wireguard so what we're going to do I'm going to I'm going to take this and I'm gonna go and open up my terminal here again I'm logging to my server so I'm just going to grab this and I'm going to kind of slide it over to one side of the screen here and I'm going to grab these commands and then we're going to basically fill them in as we go so first thing we've got to do is grab their key and then I'm going to switch back over to my terminal paste that in it's going to ask for my password and it's going to grab the key I could probably do this all in just one big block we add the Repository we update and then we install the net client and really that's all there is to it the net clients installed if you have Windows you basically run an executable to get it installed on Windows it's really not that difficult to do now we are on our net maker box we've got our instructions right here for joining with the net client so I'm just going to copy this line right here so I just click on this button to copy that line of instructions once we've got that pasted in we're just going to hit enter so we have to run this with sudo I forgot so we do need to do sudo and then paste in the command and now we can hit enter and we should get output like this it should be very straightforward very minimal output kind of make this easier to look at but basically joining it tells you the network information and then basically starting wire guard so now if we do WG show oh again sudo WG show sorry we can see here that we've got basically our our system we just logged in and the server as up here and we're basically set up so this is pretty great right so I've already got this thing going we can see that we're getting some data so we've got 92 bytes already received so everything's talking I should be able to Ping that server as well so this is the server address right here so I should be able to do ping and then that server address and get responses back and we do now I should also have internet access so I should be able to do ping google.com and I get responses that's great so everything's working we're online and our server is up and running so the first thing we have to do is we have to go back to our Network and we're actually going to go here to our nodes section you can see there's two nodes so we've got the actual access point the the main server and then we've got the one that I just added which is this this client what I need to do is I need to make an Ingress node so egress means I'm coming from the network and I'm going out to something else we'll use that in a minute to access my home network but Ingress means I'm coming from quote unquote outside the network and I'm joining it and coming in which I'm going to be using it as an external client so this needs to be an Ingress node so I'm going to click on this button it's going to ask are you sure you want to create this as an Ingress Gateway I'm going to say yes except and you'll see that turns into a little check mark next I'm going to go over here to the left menu I'm going to go down here to external clients I'm going to click on my server and you can see it's already kind of set up since I've got the Ingress Gateway created so I'm going to click on this little plus right here let's say I need to create an external client and you see it gives me a QR code option it gives me the ability to download the file kind of however I want to do it so you can do this in a lot of ways for for wireguard now back on the net maker interface we're going to go back into our nodes and on this one that is my network what I want to do is I want to turn that into an egress node so my iPad comes in through this network travels over to this one and then it says I want to allow it to go out to the rest of the network that this server is physically connected to so from the VPN to the LAN so I need to know a couple of things before I do this so I'm going to switch back to the terminal and I need to do IP Dash br and what I'm looking for is the interface name for my interface that my public that my private IP Lan runs on so this is my land 192.168.10 and this is the interface ens 18. so I'm going to click on this button right here so the first thing that asks for the egress Gateway is what do we want for the Gateway range so I want this to be 192.168.10.0 slash you're going to use cider notation 24. so that's all of this basically subnet up to 10. and then the the actual interface that it uses is ens 1 8. enable Nat and I'm going to say create that turns into a check mark I'll Zoom this back out a little bit and now we've got our egress Gateway now I had a little problem because I showed you how to set this up and I did it from the itpros.org and I set everything up on my home network but I realized I don't really have a way to get off of my home network and back in I was going to try to use my cell phone as a hot spot and it just wasn't working my cellular coverage in this house is miserable so I have to use Wi-Fi Calling all the time as it is so that just didn't function so what I'm going to do is I've got this actually set up for a client and I've got a network already set up and I I have set up their nodes in a way that you'll notice is very familiar so I have this Ingress Gateway which is their server which is the server that I've set up and then I've got an egress Gateway set up on their system and all I did was just set up a little VM with lubuntu on it um very basic minimal operating system and then I went and installed the net client on that VM and I turned it into an egress node so Ingress and egress is exactly what it sounds like so I have this machine set up with the wire guard client and this is just a GUI client that you can get on the internet out there on GitHub it's pretty great I may cover it in a separate episode sometime but you can see here I've got two different ones so this is the one we just created today and I can't connect to it um it just you know because I'm inside the network already I can already connect all the machines inside my network so it doesn't really show you the capability that it has but if if I hit connect you see it it connects and I get my message down here that it connects and then I can hit disconnect and it disconnects but this is the one that I'm going to use because I'm going to show you that when I connect I can then access things on this network on this on this other network so my network IP addresses are 192.168.10 and the addresses on this network are 192.168.16. so I'm going to try to go to https colon slash slash 192.168.16.14 and I'm going to do 8006. now this would be the proxmox server on this network now it's going to try it's going to go it's going to be like well I'll look for it but obviously because I'm not connected to that Network in any way it's not going to find it it's just simply not going to happen so it can sit here we can sit here for a little while while it thinks and it's going to finally say I can't find that I can't reach that um it just isn't going to happen but what I can do is I can go here and I can now connect to this network and once I've connected to that Network having that Ingress Gateway in place I can refresh that and now I connect right up to proxmox and I can get onto the system and I'm still hitting the same IP address I have not changed anything all I did was come up here and basically refresh the attempt to get into the system and now I can reach that system so anything on this network I can now reach because this is not the machine that actually has the quote unquote egress Gateway it's a virtual machine on the proxmox server that has its own IP address inside of the network so this is the power of using something like wireguard and having some amazing software that someone has taken the time to set up like net maker so being able to set this up and saying you know what first I need to play and I need a way to get into the network from outside so I've got my machine that's set up basically like an external client I go in through the Ingress Gateway and then it routes me across the network to this peer that is in an egress Gateway and when we set this up all we did was say here's the IP address range that I want and in this case it was 192.168.16.0 24 for The Cider notation and then I told it what port this runs on and again you can run a quick command I showed you how to do that to figure out what your Port is and once you do that and and get this little check mark you're ready to go you should be set up and ready now even if I was using the net client on my machine I would still be able to reach the things that are on this egress Network I need the Ingress Network because I'm actually setting up my machine as an external client to this network if I wanted to set up the net client on my machine and actually run it that way I could it still would function I wouldn't even need the Ingress Gateway because then my client is considered one of these nodes and I just need the egress Gateway so a couple other things that are worth mentioning is that they have some user control I talked about that when we first set this up I kind of wanted to show you what that looks like so if we go over to the left bar and click on users you can see right now I'm the only user in here but I can add a new user I can give them a username so I could just say Bob at Bob's browsers.com I could give Bob a password that's temporary and then confirm that password so and then I can say whether or not Bob is an admin on the system and I can check which networks he has access to so if I create more than one network because remember you're not limited on this you can create different networks but I could create five or six networks and set up different machines on those various networks so they don't have access to each other it's almost like creating vlans but using net maker instead but here I could say you know what Bob has access to this one and this one and not the other three kind of any way that I want to do that and then I hit create and Bob has a user now Bob can come log in with his user and he can only do certain things to certain networks that I give him access to or he might be an admin that I also need to help me monitor the system so you can come in and do admin things it just depends on how you want to set this up so pretty cool that you have this kind of user access capability where you can have other people getting into the system and helping you out pretty pretty useful when you have a business that's growing especially now they also have ACLS you can click over here on the left and you'll see that you can get ACLS you can pick your your network again and you can kind of go and set up whatever the access control lists look like how does this work so a few a few nice features again kind of built into the net maker system and again this is open source software that you can get out there and run for yourself so they have basically some graphs so this kind of gives you a really cool look at your network and you can see exactly what's happening so these colors tell you what each thing is and you can pick the network if you have more than one you can pick so you can see the different networks here but it'll kind of show you what's being built out as your network grows so you've got this thing that shows you like hey this can go into here and this one can go into here so these are my external clients that they they can go into the Ingress Gateway and then the Ingress Gateway and egress Gateway appears so they can go in both directions you can see the arrow indicating that and then the egress Gateway says you can go into that but these machines cannot reach back out to my machines that are connected so it's it's kind of a One Direction thing from this point on and the same way here these can reach in but this can't reach out so you're really setting up a nice set of network capabilities here now I've shown you how to do this because I think this is useful when I have to get onto client networks and client systems having this ability to do this over a VPN over a secured connection and over a fast connection like wireguard is absolutely fantastic it is just amazing that there's an open source project like wireguard that exists that there's an open source project like net maker that exists now net maker is coming out like I said with a pro level setup I think it's going to be really great and again as you get more and more into using things like net maker check that out help support the net maker project because this is an amazing tool look at this thing look at everything you get out of this and it's all open source course so these guys put a lot of time and a lot of effort into making this great and for us to support them is so very important all right before I finish up this video I wanted to make sure and focus on the on the fact that netmaker is creating a Pro Plan and if you want to see the information about that you can just click over here on this pro at the top of their screen here's the thing to get with so netmaker is open source you can run this for free you can do everything that I've shown you you get all the tools that I've shown you but in order to keep going with this open source project just like any open source project they need a way to start monetizing this and start getting some money back for the time that they've put into it and again Alex was so great to get on and just walk me through everything that I showed you and it was really great to be able to talk with him but I wanted to make sure that you saw everything as well so here on the Enterprise Edition one thing that you'll get is basically metrics and monitoring so they have this dashboard that you can actually get to that has a lot of metrics and monitoring about what's going on in your network your users your devices everything like that so A couple of the other really great features is user management and access so I showed you that you have some user management as it is out of the box which is great so also worth looking into the user management if you're looking for more user management capabilities out of the box with netmaker as well and then of course Advanced failover or automated failover so basically some setup and some configuration that can help you like if a node goes down do some redirection do some some failover things so again keeping your network up and running where you can get five nines of uptime if you're not familiar with that term if you don't know what that means that means 99.999 percent of uptime so if you break down a year into minutes and you look at .001 of that time I think it's like five minutes which means in a year your your system might be down for five minutes if you were to use this capability or this function it's an extremely small amount of time when you really think about how long software has to be up and running consistently to reach five nines pricing he tells you right here like we understand pricing is not easy not every not everything is worth the same amount of money so they really price based on what you're using and you can kind of check out what that's going to look like you can see what's going on the nice thing about it is again the pricing is based on your usage it's not just like throwing up there with some kind of crazy pricing scheme so I think that's really amazing it's a great value and I wanted to make sure to cover it make sure that you guys knew about it please if you're using net maker if you like what he's doing if you like what Alex has got going get out there and support this project I hope you enjoyed this if you did like subscribe tell your friends about it so they can come along on the journey with us and I'll talk to you next time foreign [Music]

Info

Channel: Awesome Open Source

Views: 66,963

Rating: undefined out of 5

Keywords: open, source, opensource, open-source, self, hosted, selfhosted, self-hosted, free, libre, software, server, web, internet, browser, linux, mac, macos, os x, windows, microsoft, unix, bsd, ios, android, pi, raspberry, desktop, digital, ocean, digitalocean, vps, tutorial, how to, setup, installation, instructions, cli, command line, terminal, interface, open source software, open source news, open source projects, vpn, wireguard, gui, network, netmaker, clieent, easy, openvpn, nord, pritunl, opnsense, pfsense, openwrt, dd-wrt, mikrotik

Id: X-BYDYoM_3w

Channel Id: undefined

Length: 40min 43sec (2443 seconds)

Published: Sun Oct 16 2022