Skip to content

StuberSimon/VPN-Tutorial-IPv4-IPv6

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
README.md
README.md
 
 
wg0_client.conf
wg0_client.conf
 
 
wg0_vps.conf
wg0_vps.conf
 
 
wg1_router.conf
wg1_router.conf
 
 
wg1_vps.conf
wg1_vps.conf
 
 

Repository files navigation

VPN-Tutorial-IPv4-IPv6

Tutorial on how to connect to a IPv6-Address from a IPv4-Address via WireGuard

  • Situation

    • Home-Network

      • Public dynamic IPv6
      • No public IPv4
      • Fritz!Box, WireGuard compatible router
      • Local IPs of the home-network in this example: 192.168.178.0/24

    • Goal

      • Connect to the Home-Network via VPN from anywhere

    • Problem

      • Most networks still don't provide a IPv6 address for the client
      • Without an IPv6, the client can't connect to the home-network, which only has an IPv6
      • -> Connection only works from networks with public IPv6 addresses, which is not the case for most networks

  • Solution

    • Idea

      • A middleman is needed, one that has both IPv4 and IPv6
      • This middleman acts as a relay, receiving a WireGuard connection from the client via IPv4 and forwarding the traffic through another WireGuard connection to the home-network via IPv6

    • Preparation

      • Rent a small vps

        • E.g. IONOS-server, 1€ per month
        • Has public static IPv4 and IPv6
        • Local IPs of the vps in this example: 10.0.0.0/8

      • Make sure your router is WireGuard-ready

        • If not, set up a seperate WireGuard server in your home-network (e.g. on a Raspberry Pi)

    • Set up Connection

      • Home-network - vps

        • Site to site tunnel wg1
        • Configure this tunnel in your router
          • Endpoint: [Public static IPv6 of vps]
            • -> The router connects to the vps, not the other way around
            • -> This way we don't need to worry about the dynamic IPv6 of our home-network
          • Allowed IPs: 10.0.0.0/8
          • See file wg1_router.conf
        • Config on vps
          • Set DNS to your router
          • Allowed IPs to 192.168.178.0/24
            • Or 0.0.0.0 if you want to rout all internet traffic through your home-network
          • See file wg1_vps.conf

      • Vps - client

        • Config on vps
          • End to site tunnel wg0
          • Set ListenPort to a different one than wg1
          • Add each client as a new peer in the wg0-config on your vps
          • See file wg0_vps.conf
        • Config on client
          • Set DNS to your router
          • Endpoint: [Public static IPv4 of your vps]
          • Allowed IPs to 0.0.0.0, ::/: to rout all internet traffic through the vpn
            • Or 192.168.178.0/24 if you only want to rout your local traffic to your home-network
          • See file wg0_client.conf

    • Result

      • This should enable you to connect to your home-network from your client from anywhere.
      • Note that this is not a perfect solution, just the best we could find.
      • For us, this solution required a lot of trial and error, and of course our best friend, the AI.

About

Tutorial on how to connect to a IPv6-Address from a IPv4-Address via WireGuard

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors