WireGuard with obfuscation support
Lonnie Abelbeck
lists at lonnie.abelbeck.com
Mon Sep 27 13:48:38 UTC 2021
> On Sep 27, 2021, at 8:01 AM, Konstantin Ryabitsev <konstantin at linuxfoundation.org> wrote:
>
> On Mon, Sep 27, 2021 at 05:21:57AM -0500, Bruno Wolff III wrote:
>>> With obfuscation there would be UDP packets of random junk, and it would be a
>>> much harder job to come up with a rule to drop those without affecting
>>> anything else.
>>
>> If your ISP is blocking your Wireguard traffic call them up and complain.
>
> There have been times when I found myself briefly at a location that didn't
> allow wireguard traffic, like an airport or a public library. Complaining
> wouldn't have been a useful course of action to take, since I needed a
> solution at that particular time and place.
Public hotspots may just be blocking UDP/51820, not DPI.
Some time ago Jason posted an iptables REDIRECT workaround at your WG "server" endpoint [1]
I have found typically either 443 or 4500 will work if 51820 is blocked.
Lonnie
[1] https://lists.zx2c4.com/pipermail/wireguard/2018-November/003503.html
More information about the WireGuard
mailing list