WireGuard peers

WireGuard creates a peer-to-peer VPN between two or more peers/endpoints. Nothing fundamentally defines a peer as a server or client: each peer talks to the other, tunneling/encrypting the data between them. There may be some ancillary settings that may be required on each side of the connection, such as the firewall. Nonetheless, it can sometimes be helpful to use server/client terminology.

A VPN server listens for a connection initiated by another host/device/service. Your OpenWrt router acts as a server when you install WireGuard to enable remote administration and/or remote access to network services that reside “inside” your local network. Your WireGuard server at home can also provide a measure of security when on public networks or bypass geo-restrictions when traveling since your traffic is encrypted through a tunnel to your server and then appears to be originating from your home. A commercial VPN provider's WireGuard peer would be considered a server as well.

A VPN client initiates a connection to another peer. Your computer or mobile device acts as a client when it connects back to your OpenWrt router as a WireGuard endpoint from outside. Alternatively, if you configure your OpenWrt router to connect to a commercial VPN service, then the OpenWrt peer itself may be considered a client.

WireGuard can create a site-to-site tunnel between two or more separate networks such that they act as one. Here, either or both sides may initiate a connection, and both sides listen for that data. This lets you administer and/or share network resources between the two networks. A common use case for this scenario is linking two remote office networks together.

This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies
  • Last modified: 2020/10/04 02:28
  • by vgaetera