Traffic on port 53 fails on LTE but works on WiFi
graysky at archlinux.us
Sun Nov 18 19:55:53 CET 2018
I have a simple WireGuard VPN setup I use running WG on a home Linux
box and connecting to it with several iOS clients. The server peer is
set up on port 53 since the network admins of some remote WiFi
networks my mobile devices connect to seem to block UDP traffic on higher ports.
Encrypted connections work fine on WiFi as I have set up, but do _not_
work when I connect via LTE (Verizon supplying the data). On LTE, I
am no longer able to transfer data to/from the server peer but I can
handshake with it.
If I inspect the output of `sudo wg` on the server peer, I see the
endpoint IP address changes to reflect my Verizon LTE IP and the time
since the last handshake resets to a few seconds, which is consistent
with my ability to connect to the WireGuard peer server.
I am unable to transfer data (pull up a web site or check email etc).
It's as if Verizon is blocking my data flow on port 53. If I change
the port from 53 to 123, it seems to work fine although I do not have
universal connectivity on the various WiFi networks I visit on port
123. The optimal port would be 53 for my use case.
So the questions:
1) What can I try on the server peer side to diagnose?
2) Do people feel that Verizon is actively blocking the connection on port 53?
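An added diagnostic for question 1 (this is example code, not from the original post): the script below compares two `wg show <iface> dump` snapshots taken a minute apart and flags peers that completed a fresh handshake but moved no payload bytes in between, which is the LTE symptom described above. The placeholder keys, the documentation IP addresses and the 512-byte threshold are assumptions.

```python
import subprocess
# Assumption: a handshake plus a few keepalives stays well under this many bytes.
HANDSHAKE_ONLY_BYTES = 512

def parse_wg_dump(text):
    """Parse `wg show <iface> dump` (tab-separated) into {peer_pubkey: fields}."""
    peers = {}
    lines = [ln for ln in text.splitlines() if ln.strip()]
    for line in lines[1:]:          # line 0 describes the interface itself
        f = line.split("\t")
        if len(f) != 8:             # pubkey psk endpoint allowed-ips hs rx tx keepalive
            continue
        peers[f[0]] = {"endpoint": f[2], "handshake": int(f[4]),
                       "rx": int(f[5]), "tx": int(f[6])}
    return peers

def diagnose(before, after):
    """Classify each peer present in both snapshots by what happened in between."""
    report = {}
    for key, b in before.items():
        a = after.get(key)
        if a is None:
            continue
        fresh_handshake = a["handshake"] > b["handshake"]
        moved = (a["rx"] - b["rx"]) + (a["tx"] - b["tx"])
        if moved > HANDSHAKE_ONLY_BYTES:
            status = "passing-data"
        elif fresh_handshake:
            status = "handshake-only"   # endpoint/handshake updated, no payload
        else:
            status = "idle"
        report[key] = {"status": status, "bytes": moved, "endpoint": a["endpoint"]}
    return report

# Constructed snapshots (placeholder keys, documentation IPs), one minute apart.
SNAP_BEFORE = "\n".join([
    "SERVER_PRIVKEY_PLACEHOLDER\tSERVER_PUBKEY_PLACEHOLDER\t53\toff",
    "PEER_WIFI_PUBKEY\t(none)\t198.51.100.7:41211\t10.0.0.2/32\t1542567300\t184320\t92160\t25",
    "PEER_LTE_PUBKEY\t(none)\t198.51.100.7:41212\t10.0.0.3/32\t1542567100\t5000\t3000\t25",
])
SNAP_AFTER = "\n".join([
    "SERVER_PRIVKEY_PLACEHOLDER\tSERVER_PUBKEY_PLACEHOLDER\t53\toff",
    "PEER_WIFI_PUBKEY\t(none)\t198.51.100.7:41211\t10.0.0.2/32\t1542567300\t284320\t142160\t25",
    "PEER_LTE_PUBKEY\t(none)\t203.0.113.9:60000\t10.0.0.3/32\t1542567340\t5180\t3092\t25",
])

if __name__ == "__main__":
    for key, r in diagnose(parse_wg_dump(SNAP_BEFORE), parse_wg_dump(SNAP_AFTER)).items():
        print(f"{key}: {r['status']} ({r['bytes']} bytes, endpoint {r['endpoint']})")
```

On the server peer, replace the constructed strings with `subprocess.check_output(["wg", "show", "wg0", "dump"], text=True)` captured before and after attempting to load a page from the LTE client (needs root); a peer reported as handshake-only while its endpoint shows the LTE address means the handshake packets get through but the data packets do not.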