[WireGuard] Using wireguard link as a proxy?
Bruno Wolff III
bruno at wolff.to
Fri Jul 22 11:09:13 CEST 2016
On Fri, Jul 22, 2016 at 10:18:21 +0200,
Baptiste Jonglez <baptiste at bitsofnetworks.org> wrote:
>
>Yes, the notion of "immediate next destinaton" does not make sense for
>Wireguard. It encapsulates plain IP, not Ethernet.
I thought that the next IP address might have been available for wireguard
to see as the information seems to be available for routing. But as you
mention below and I realized, that doesn't help with the return packets
since they can have (almost) any source address.
>You need "allowed ips 0.0.0.0/0" here. Your situation is just a regular
>client/server tunneling setup, there's nothing special about "proxying",
>whatever that means.
Yeah I realized that when thinking about this some more. "Proxy" in this
case means source nat will be used on the outgoing packets.
Thanks.
More information about the WireGuard
mailing list