🎉 Firezone 0.5.0 is live! Check our blog for the full story.

Self-hosted secure remote access

Firezone is an open-source VPN and firewall server built on WireGuard® to be stable, performant, and lightweight. Deploy in minutes on your own infrastructure.
GitHub Repo stars
Firezone WebUI video

Install Firezone

Set up in minutes using our one-line install script:
sudo -E bash -c "$(curl -fsSL https://github.com/firezone/firezone/raw/master/scripts/install.sh)"
copy icon
Copy script
Paste that into a Linux shell prompt.
Review the source of the script here.

A modern alternative to legacy VPNs and firewalls

Faster speeds on the same hardware

Firezone uses WireGuard®, a simple, fast and modern VPN protocol that utilizes state-of-the-art cryptography.
  • Simpler and leaner than other VPN protocols like IPsec / IKEv2 and OpenVPN.
  • Up to 4x to 6x faster than OpenVPN (benchmark stats.)
  • High throughput and low latency.
wireguard speed diagram
cloud logo diagram

Take ownership and control of your network

Firezone runs on your infrastructure. There's no need to risk breaches by sending data to third parties or to waste time on compliance checks.
  • Supports Ubuntu, CentOS, Debian, Fedora, OpenSUSE or any recent Linux kernel (5.0+).
  • Runs unprivileged. HTTPS enforced. Encrypted cookies.
  • Packaged with Chef Omnibus. No external dependencies.

How Firezone works

Use Firezone to manage secure access to your servers, computers, and cloud infrastructure. Firezone requires minimal configuration and is quick to deploy.
  1. Download Firezone to a supported Linux host with access to your protected resources.
  2. Install the official WireGuard client on the user devices you wish to access these protected resources.
  3. Using the Firezone Web UI, add device configs to your WireGuard clients to grant them access.
View documentation
basic how it works diagram

Deploy Firezone on a supported host

Authenticate with your identity provider and enforce MFA

Only allow connections from authenticated users and automatically disable access for employees who have left. Firezone integrates with any OIDC compatible identity provider for single sign-on (SSO).

Easy to manage and blazing fast

A simple and performant remote access platform built for small teams.
speed icon

WireGuard® Support

Built on top of the WireGuard® protocol for performance and stability.
directional icon

Web GUI Management

Manage your VPN and firewall server through an intuitive web GUI.
flag icon


Deploy on your own hardware or infrastructure in minutes.
checkmark icon

Single Sign On (SSO)

Authenticate with any identity provider with an OpenID Connect (OIDC) connector.
globe icon


Firezone is distributed under Apache License 2.0. Check it out on Github.
time icon

TOTP-based MFA

Enforce multi-factor authentication using a time-based one-time password.
observability icon


Configurable logging of usage activity by peers.
locked icon

Firewall included

Only allow the traffic you need and prevent traffic from going to unwanted hosts.

Common Use Cases

Tutorials for common set-ups and configurations using Firezone. If you have a question about your architecture, please drop by our Slack Group and say hello 👋.