From: "Rene 'Renne' Bartsch, B.Sc. Informatics" <ml@bartschnet.de>
To: wireguard@lists.zx2c4.com
Subject: Re: Android and Manjaro road warriors behind dynamic IP addresses/Carrier Grade NAT?
Date: Sat, 29 Dec 2018 14:49:56 +0100 [thread overview]
Message-ID: <fb40366a-6e67-e155-48a8-89a8714dff19@bartschnet.de> (raw)
In-Reply-To: <d00751e2-569b-f1fb-a4dc-6cd9000c8269@activezone.de>
Hi Markus,
that's what I thought about, too. It means to add another authentication system (SSH) and fiddle around on Android smartphones.
Is there any way for Wireguard peers with static IP addresses to push endpoint information of all connected peers to all other peers?
Or at least a hook which allows to dump changing endpoints into a file in real-time?
The optimal solution would be to integrate something like https://github.com/manuels/wireguard-p2p (DHT + hole punching techniques) into Wireguard itself.
Addressing by public keys and resolving IP-addresses/ports by a DHT would even make Wireguard John-Doe-compatible. ;-)
Regards,
Renne
Am 29.12.18 um 13:53 schrieb Markus Grundmann:
> Hi Renne,
>
> for this reason I use a jump server based on SSH in the middle of the
> nodes.
>
> <snip>
> [authorized_keys]
> no-port-forwarding,no-X11-forwarding,command="~/bin/poll .my-ip ; cat
> ~/.remote-ip" ssh-rsa AAAAB3N ...
> </snap>
>
> After you have received the IP addresses you can use "wg" to set the new
> endpoint address on both nodes. The small script named "/bin/poll" uses
> the environment variables of SSH to wrote the current IP into a file.
>
> Best regards,
> Markus
>
> On 29.12.18 13:16, Rene 'Renne' Bartsch, B.Sc. Informatics wrote:
>> Hi,
>>
>> we have Android and Manjaro road warriors which are often behind
>> internet sockets with dynamic IP addresses AND Carrier Grade NAT.
>>
>> Does anyone know a trick how to initiate a direct Wireguard connection
>> between to road warriors without knowing their endpoint IP addresses/ports?
>>
>> Regards,
>>
>> Renne
>> _______________________________________________
>> WireGuard mailing list
>> WireGuard@lists.zx2c4.com
>> https://lists.zx2c4.com/mailman/listinfo/wireguard
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
>
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
next prev parent reply other threads:[~2018-12-29 13:50 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-29 12:16 Android and Manjaro road warriors behind dynamic IP addresses/Carrier Grade NAT? Rene 'Renne' Bartsch, B.Sc. Informatics
2018-12-29 12:53 ` Markus Grundmann
2018-12-29 13:49 ` Rene 'Renne' Bartsch, B.Sc. Informatics [this message]
2018-12-30 3:35 ` Bruno Wolff III
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=fb40366a-6e67-e155-48a8-89a8714dff19@bartschnet.de \
--to=ml@bartschnet.de \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).