Another roaming problem

Jason A. Donenfeld Jason at
Thu Mar 8 17:18:47 CET 2018

Hi Toke,

On Thu, Mar 8, 2018 at 3:29 PM, Toke Høiland-Jørgensen <toke at> wrote:
> So is there a way to either tell the client not to change its idea of
> the endpoint, or to tell the server to always use a certain source
> address for outgoing packets?

There have been some discussions on adding another [gasp] nob to clamp
an endpoint, for this reason and some other related ones. But the
source address caching is supposed to be sticky. That is -- it's
supposed to be that WireGuard will use the correct source address
based on in the prior incoming packet. I can try to reproduce to see
if perhaps you're uncovering some incorrect behavior here. More
generally speaking, it seems like this problem is occurring for you
because of NAT and so I wonder if a simpler solution would also
involve NAT -- namely, configuring "hair pin" NAT?

More information about the WireGuard mailing list