
winged | 6 years ago

My greatest misunderstanding before getting it to work was that WireGuard uses the `AllowedIPs` setting both for defining which source IPs to allow, and also for routing traffic back. This means you can't have multiple peers on your machine with the same set of `AllowedIPs` - you need to configure each separately with their exact IP address.

Since WireGuard doesn't do NAT hole punching etc., you'd most likely need to connect from work to your network, and use the `PersistentKeepalive` setting. You can't initiate the connection the other way round.


labawi | 6 years ago

Yep, AllowedIPs should really be called IPs (or PeerIPs).
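
The double role of `AllowedIPs` discussed in this thread, as an added example that is not part of the original comments and not WireGuard's own code: a simplified Python model in which one table both picks the peer for outgoing traffic and filters incoming source addresses. The peer names, addresses and the `CryptokeyTable` class are constructed for illustration.

```python
import ipaddress


class CryptokeyTable:
    """Simplified model of one WireGuard interface's AllowedIPs table."""

    def __init__(self):
        self.owner = {}  # ip_network -> peer name

    def set_allowed_ips(self, peer, cidrs):
        # Model assumption: a prefix has exactly one owner, so assigning
        # it to a peer takes it away from whichever peer held it before.
        for cidr in cidrs:
            self.owner[ipaddress.ip_network(cidr)] = peer

    def lookup(self, ip):
        # Longest-prefix match, as in an ordinary routing table.
        addr = ipaddress.ip_address(ip)
        hits = [n for n in self.owner if n.version == addr.version and addr in n]
        return self.owner[max(hits, key=lambda n: n.prefixlen)] if hits else None

    def route_outbound(self, dst_ip):
        # Sending: the destination address selects the peer to encrypt for.
        return self.lookup(dst_ip)

    def accept_inbound(self, from_peer, src_ip):
        # Receiving: the inner source address must map back to the peer
        # whose key decrypted the packet, otherwise it is dropped.
        return self.lookup(src_ip) == from_peer


def build(config):
    """config: list of (peer, [cidr, ...]) in the order they are applied."""
    table = CryptokeyTable()
    for peer, cidrs in config:
        table.set_allowed_ips(peer, cidrs)
    return table


# Constructed sample data: peer names and addresses are hypothetical.
SAME_SET = [("laptop", ["10.0.0.0/24"]), ("phone", ["10.0.0.0/24"])]
EXACT = [("laptop", ["10.0.0.2/32"]), ("phone", ["10.0.0.3/32"])]

if __name__ == "__main__":
    for name, cfg in (("same AllowedIPs", SAME_SET), ("exact /32s", EXACT)):
        t = build(cfg)
        print(name, "| reply to 10.0.0.2 goes to:", t.route_outbound("10.0.0.2"),
              "| laptop's packet from 10.0.0.2 accepted:",
              t.accept_inbound("laptop", "10.0.0.2"))
```

With the shared /24, replies for the laptop's address are routed to the phone and the laptop's own packets fail the source check; with exact /32 entries each peer both sends and receives, and a packet from one peer claiming the other's address is rejected.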