WireGuardNT: Tunnels cannot be "nested"

David Lönnhager dv.lnh.d at gmail.com
Mon Aug 23 10:21:30 UTC 2021


Hello,

I'm trying to connect to one peer/endpoint via another peer. Using
wireguard-go, or using WireGuard in the Linux kernel, this could be
accomplished with a configuration kind of like this one:

[Peer]
Endpoint = A:51820
AllowedIPs = B/32
[Peer]
Endpoint = B:51820
AllowedIPs = 0.0.0.0/0

When I try this setup with WireGuardNT (0.4), it seems as if B is
being connected to directly (outside of any tunnel), even if I route
"B" through the WireGuard interface.

Are routes using the interface being ignored
(https://git.zx2c4.com/wireguard-nt/tree/driver/socket.c#n213), and is
this the reason why the above no longer seems to work?

Is there any chance that this will change?

Thank you,
David


More information about the WireGuard mailing list