Wireguard with Public IP behind NAT

… or how to host a Dualstacked Public Website behind a IPv4 NAT Box without Reverse Proxy, Portforwarding and other ugly stuff … inspired by the following Post, i started a little project and redesigned the connectifity for my Hamster’s Webserver :) i wrote a mail to the guys from tetaneutral.net and asked them for the wireguard vpn service with public ipv4/ipv6 adresses for my server. as i didn’t get any feedback, i had to implement the “Server” on my own.

Wireguard Puffy to OPNsense

WG Tunnel between OpenBSD and OPNsense How to Setup an WG Tunnel between OpenBSD and OPNSense ? That’s quite simple … OpenBSD Install Packages pkg_add wireguard-tools-- Gen Key Onliner wg genkey | tee privatekey | wg pubkey > publickey Build Interface r=$(openssl rand -base64 32) remote_ip="" remote_net="" cat << 'EOF' > /etc/hostname.wg0 # WG Tunnel to OPNsense wgkey ${r} wgport 51820 wgpeer xxxxx - PUBLIC-KEY-OF-REMOTE-HOST - xxxxx= wgendpoint ${remote_ip} 51820 wgaip ${remote_net} inet 10.

Wireguard on (current | 6.8 and higher )

Wireguard on OpenBSD OpenBSD added wg to the Kernel a while ago … why not have a look into and do some speedtests … ? Setup CLIENT1 — WireGuard — CLIENT2 and running tcpbench between Client1 and Client2 Fireup VMs Stage 3 VM’s on my litte Proxmox Server (Intel NUC) host nic ip wg nic ip Client1 em0 wg0 WireGuard em0 wg0 Client2 em0 wg0 10.


WireGuard Stuff, 2019-09-18 Resourcen Also Check my new Post about Wireguard on Current … Using wireguard on OpenBSD OpenBSD Router: VPN Wireguard Server Packages pkg_add wireguard-go \ wireguard-tools \ libqrencode Config & Enable WG rcctl enable wireguard_go rcctl set wireguard_go flags tun2 Prepare Environment mkdir -p /etc/wireguard/{keys,config} cd /etc/wireguard Generate Keys wg genkey | tee keys/server-private.key | wg pubkey > keys/server-public.key wg genkey | tee keys/client001-private.key | wg pubkey > keys/client001-public.