Wireguard is a new secure VPN tunnel that is in the Linux kernel as of 5.6. From its website: It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances.

WireGuard uses advanced cryptography, like the Noise protocol framework, Curve25519, ChaCha20, Poly1305, BLAKE2, SipHash24, HKDF, and secure trusted constructions. It makes conservative and reasonable choices and has been reviewed by cryptographers.

Wireguard is in Beta in the latest VNS3 release. We can confirm it provides a nice performance boost for secure VPN traffic.