Development discussion of WireGuard
 help / color / mirror / Atom feed
* Wireguard does not work in Iran
       [not found] <561370843.2818033.1664357524603.ref@mail.yahoo.com>
@ 2022-09-28  9:32 ` Mehdi Haghgoo
  2022-09-28 19:23   ` David Fifield
  0 siblings, 1 reply; 4+ messages in thread
From: Mehdi Haghgoo @ 2022-09-28  9:32 UTC (permalink / raw)
  To: WireGuard Mailing List

Hi,

It seems that Wireguard does not work at all in Iran.
I used to use it with nmcli on Linux, but recently it just does not work, even with ADSL Internet (Mobile internet is mainly shut down).

I suspect it is not because UDP is completely blocked, because I see some other VPNs are working with UDP. Could the co

Are there any suggestions to make Wireguard work under recent harsh Internet crackdowns?

An example of the Wireguard conf I used to import into NetworkManager is as follows:

[Interface]
PrivateKey = xxxxxxxxxxxx
Address = 10.2.0.2/32
DNS = 10.2.0.1

[Peer]
PublicKey = xxxxxxxxxxxxxxxx
AllowedIPs = 0.0.0.0/0
Endpoint = x.x.x.x:51820

Best regards,
M.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Wireguard does not work in Iran
  2022-09-28  9:32 ` Wireguard does not work in Iran Mehdi Haghgoo
@ 2022-09-28 19:23   ` David Fifield
  2022-09-28 19:42     ` Houman
  2022-09-28 21:58     ` Evrim Ulu
  0 siblings, 2 replies; 4+ messages in thread
From: David Fifield @ 2022-09-28 19:23 UTC (permalink / raw)
  To: Mehdi Haghgoo; +Cc: WireGuard Mailing List

On Wed, Sep 28, 2022 at 09:32:04AM +0000, Mehdi Haghgoo wrote:
> It seems that Wireguard does not work at all in Iran.
> I used to use it with nmcli on Linux, but recently it just does not work, even with ADSL Internet (Mobile internet is mainly shut down).
> 
> I suspect it is not because UDP is completely blocked, because I see some other VPNs are working with UDP. Could the co
> 
> Are there any suggestions to make Wireguard work under recent harsh Internet crackdowns?

Some people are reporting success with two-hop proxies, since not all
networks in Iran are subject to the same blocking rules. The first hop
is to another host in Iran that is less censored; the second hop crosses
the border. I haven't seen a report of someone doing this with
onobfuscated WireGuard specifically, but it may work. The second link in
the list has a kcptun component, which is UDP.

tutorial for multi-hop shadowsocks servers
https://github.com/net4people/bbs/issues/126

Tutorial: setting up a Tor bridge for Iran
https://github.com/net4people/bbs/issues/127

Two-layered access
https://forum.torproject.net/t/two-layered-access/4783

In terms of obfuscation for the WireGuard protocol, here are some
references:

Iptables WireGuard obfuscation extension
https://lists.zx2c4.com/pipermail/wireguard/2022-September/007822.html

swgp-go (userspace obfuscation proxy)
https://lists.zx2c4.com/pipermail/wireguard/2022-June/007638.html

WireGuard with obfuscation support
https://lists.zx2c4.com/pipermail/wireguard/2021-September/007142.html
https://github.com/net4people/bbs/issues/88

WireGuard obfuscation using shadowsocks
https://lists.zx2c4.com/pipermail/wireguard/2019-January/003809.html

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Wireguard does not work in Iran
  2022-09-28 19:23   ` David Fifield
@ 2022-09-28 19:42     ` Houman
  2022-09-28 21:58     ` Evrim Ulu
  1 sibling, 0 replies; 4+ messages in thread
From: Houman @ 2022-09-28 19:42 UTC (permalink / raw)
  To: David Fifield; +Cc: Mehdi Haghgoo, WireGuard Mailing List

David,

Thanks for sharing this. That's an impressive list of ways to connect
with Wireguard that I wasn't even aware of.

With the exception of shadowsocks, would the other obfuscations that
you listed here such as "Iptables extension'' or "swgp-go"  also work
with the Wireguard iOS library? As I understand it, both the server
and client have to support it.

Many Thanks,
Houman


On Wed, 28 Sept 2022 at 20:26, David Fifield <david@bamsoftware.com> wrote:
>
> On Wed, Sep 28, 2022 at 09:32:04AM +0000, Mehdi Haghgoo wrote:
> > It seems that Wireguard does not work at all in Iran.
> > I used to use it with nmcli on Linux, but recently it just does not work, even with ADSL Internet (Mobile internet is mainly shut down).
> >
> > I suspect it is not because UDP is completely blocked, because I see some other VPNs are working with UDP. Could the co
> >
> > Are there any suggestions to make Wireguard work under recent harsh Internet crackdowns?
>
> Some people are reporting success with two-hop proxies, since not all
> networks in Iran are subject to the same blocking rules. The first hop
> is to another host in Iran that is less censored; the second hop crosses
> the border. I haven't seen a report of someone doing this with
> onobfuscated WireGuard specifically, but it may work. The second link in
> the list has a kcptun component, which is UDP.
>
> tutorial for multi-hop shadowsocks servers
> https://github.com/net4people/bbs/issues/126
>
> Tutorial: setting up a Tor bridge for Iran
> https://github.com/net4people/bbs/issues/127
>
> Two-layered access
> https://forum.torproject.net/t/two-layered-access/4783
>
> In terms of obfuscation for the WireGuard protocol, here are some
> references:
>
> Iptables WireGuard obfuscation extension
> https://lists.zx2c4.com/pipermail/wireguard/2022-September/007822.html
>
> swgp-go (userspace obfuscation proxy)
> https://lists.zx2c4.com/pipermail/wireguard/2022-June/007638.html
>
> WireGuard with obfuscation support
> https://lists.zx2c4.com/pipermail/wireguard/2021-September/007142.html
> https://github.com/net4people/bbs/issues/88
>
> WireGuard obfuscation using shadowsocks
> https://lists.zx2c4.com/pipermail/wireguard/2019-January/003809.html

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Wireguard does not work in Iran
  2022-09-28 19:23   ` David Fifield
  2022-09-28 19:42     ` Houman
@ 2022-09-28 21:58     ` Evrim Ulu
  1 sibling, 0 replies; 4+ messages in thread
From: Evrim Ulu @ 2022-09-28 21:58 UTC (permalink / raw)
  To: wireguard


Hi there.

Here is my old attempt, may help.

Description:
https://www.core.gen.tr/posts/008-fixing-wireguard/

Patch:
https://www.core.gen.tr/patches/wg-evrim-5.18.0.patch


best,
evrim.

David Fifield <david@bamsoftware.com> writes:

> On Wed, Sep 28, 2022 at 09:32:04AM +0000, Mehdi Haghgoo wrote:
>> It seems that Wireguard does not work at all in Iran.
>> I used to use it with nmcli on Linux, but recently it just does 
>> not work, even with ADSL Internet (Mobile internet is mainly 
>> shut down).
>> 
>> I suspect it is not because UDP is completely blocked, because 
>> I see some other VPNs are working with UDP. Could the co
>> 
>> Are there any suggestions to make Wireguard work under recent 
>> harsh Internet crackdowns?
>
> Some people are reporting success with two-hop proxies, since 
> not all
> networks in Iran are subject to the same blocking rules. The 
> first hop
> is to another host in Iran that is less censored; the second hop 
> crosses
> the border. I haven't seen a report of someone doing this with
> onobfuscated WireGuard specifically, but it may work. The second 
> link in
> the list has a kcptun component, which is UDP.
>
> tutorial for multi-hop shadowsocks servers
> https://github.com/net4people/bbs/issues/126
>
> Tutorial: setting up a Tor bridge for Iran
> https://github.com/net4people/bbs/issues/127
>
> Two-layered access
> https://forum.torproject.net/t/two-layered-access/4783
>
> In terms of obfuscation for the WireGuard protocol, here are 
> some
> references:
>
> Iptables WireGuard obfuscation extension
> https://lists.zx2c4.com/pipermail/wireguard/2022-September/007822.html
>
> swgp-go (userspace obfuscation proxy)
> https://lists.zx2c4.com/pipermail/wireguard/2022-June/007638.html
>
> WireGuard with obfuscation support
> https://lists.zx2c4.com/pipermail/wireguard/2021-September/007142.html
> https://github.com/net4people/bbs/issues/88
>
> WireGuard obfuscation using shadowsocks
> https://lists.zx2c4.com/pipermail/wireguard/2019-January/003809.html


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2022-10-02  8:51 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <561370843.2818033.1664357524603.ref@mail.yahoo.com>
2022-09-28  9:32 ` Wireguard does not work in Iran Mehdi Haghgoo
2022-09-28 19:23   ` David Fifield
2022-09-28 19:42     ` Houman
2022-09-28 21:58     ` Evrim Ulu

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).