Wireguard behind NAT
Ole-Morten Duesund
olemd at glemt.net
Mon Sep 3 12:43:19 CEST 2018
On 9/3/18 12:28 PM, Adrián Mihálko wrote:
> Is there any way to connect to Wireguard behind a Carrier-grade NAT?
>
> On SIDE_A I have a backup LTE connection, without proper public ip, only
> dynamic ip and I server with Wireguard.
>
> SIDE_A = mobile LTE connection, without public IP, behind carrier grade NAT
> SIDE_A_SERVER = WIREGUARD (connecting to sideb.dyndns.org
> <http://sideb.dyndns.org/>)
>
> SIDE_B = VDSL with public ip + ddns (sideb.dyndns.org
> <http://sideb.dyndns.org/>)
> SIDE_B_SERVER = WIREGUARD (cannot connect to SIDE_A, because no public
> ip on SIDE_A)
>
> I heard of Wireguard-P2P, but it's not running on headless server,
> because one of their component requires x11.
This is pretty much the same as I have - and while SIDE_B_SERVER won't
be able to establish connection to SIDE_A_SERVER, SIDE_A_SERVER should
have no problems establishing a connection to SIDE_B_SERVER.
Adding a "PersistentKeepalive = 5" to your config on SIDE_A_SERVER
should keep the connection up.
- OM
More information about the WireGuard
mailing list