WireGuard: Difference between revisions

← Older edit

VisualWikitext

@@ Line 32: / Line 32: @@
 Internet via another peer.
-== DNS for the proxy client ==
+== Secure DNS for the proxy client ==
 You can use a secure DNS client such as knot dns resolver,
@@ Line 52: / Line 52: @@
 }
 </syntaxhighlight>
+Secure DNS hinders usage of captive portals.  See [[systemd-resolved]] for solutions.
 = AllowedIPs =
@@ Line 292: / Line 294: @@
            FirewallMark = 42;
-           # we specify that the routing table 1000 must be used
+           # (... continued) we specify that the routing table 1000 must be used
            # (which is the wireguard routing table). This rule routes all traffic through wireguard.
            # inside routingPolicyRules section is called Table, not RouteTable
@@ Line 385: / Line 387: @@
        Family = "both";
      }
-   ]
+   ];
+  # Configure port forwarding for Transmission under NAT
+  networking.nat.forwardPorts =
+       [
+         {
+           destination = "10.0.0.1:80";
+           proto = "tcp";
+           sourcePort = 8080;
+         }
+         {
+           destination = "[fc00::2]:80";
+           proto = "tcp";
+           sourcePort = 8080;
+         }
+       ];
 </syntaxhighlight>
@@ Line 785: / Line 801: @@
 * Site to Site Configuration,
-see [https://docs.procustodibus.com/guide/wireguard/ Pro Custodibus Documentation].
+see [https://docs.procustodibus.com/guide/wireguard/ Pro Custodibus Documentation], [https://web.archive.org/web/20250920231827/https://docs.procustodibus.com/guide/wireguard/ Mirror on Internet Archive].
 [[Category:Networking]]
 [[Category:VPN]]