Hello,
I'm new to networking in general and VPN in particular but need to setup
infrastructure to be able to SSH easily to several people who are behind
routers (NAT). After reading that WireGuard is super simple - I decided
to give it try.
It indeed turned out to be simple till now. I setup a Debian virtual
server with a public IP and configure it as follows:
Server:
# wg
interface: wg0
public key: QMwhCacViCKcTrkevg5NxLnTEJDU1bTNgQp43rp7BHM=
private key: (hidden)
listening port: 12000
peer: hiUdjmCK+iZf8wGEB+rYxMYYBF8QoOsm3nkF3asllRY=
endpoint: 37.X.Y.Z:4488
allowed ips: 10.8.8.9/32
Where is that port from?
Is everything OK here?... At the beginning everything worked as expected
- I could ping/SSH in both directions via the private 10.8.8.8 and
10.8.8.9 addresses. Later I put my desktop into "hibernate mode" and
after turning it on again could no longer use the link...
I guess the NAT router in between dropped your connection by timeout.
You either need to ping from behind-NAT first, to re-establish the tunnel, or if you want to do it both-ways setup portforwarding on the NAT.
Check the keepalive opions in wg, in case your NAT has only short memory.
Cheers,
Kalin.