From 6dcaff98cdc81f45d05362e8d751dfcaeb009ee4 Mon Sep 17 00:00:00 2001 From: LinuxServer-CI Date: Tue, 5 May 2020 08:46:22 +0000 Subject: [PATCH] Bot Updating Templated Files --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index ac0c617..45cb21e 100644 --- a/README.md +++ b/README.md @@ -186,6 +186,13 @@ The templates used for server and peer confs are saved under `/config/templates` ## Client Mode Do not set the `PEERS` environment variable. Drop your client conf into the config folder as `/config/wg0.conf` and start the container. +## Road warriors, roaming and returning home +If you plan to use Wireguard both remotely and locally, say on your mobile phone, you will need to consider routing. Most firewalls will not route ports forwarded on your WAN interface correctly to the LAN out of the box. This means that when you return home, even though you can see the Wireguard server, the return packets will probably get lost. + +This is not a Wireguard specific issue and the two generally accepted solutions are NAT reflection (setting your edge router/firewall up in such a way as it translates internal packets correctly) or split horizon DNS (setting your internal DNS to return the private rather than public IP when connecting locally). + +Both of these approaches have positives and negatives however their setup is out of scope for this document as everyone's network layout and equipment will be different. + ## Docker Mods [![Docker Mods](https://img.shields.io/badge/dynamic/yaml?style=for-the-badge&color=E68523&label=mods&query=%24.mods%5B%27wireguard%27%5D.mod_count&url=https%3A%2F%2Fraw.githubusercontent.com%2Flinuxserver%2Fdocker-mods%2Fmaster%2Fmod-list.yml)](https://mods.linuxserver.io/?mod=wireguard "view available mods for this container.")