Is there a way to trigger wireguard client to connect automatically to the server on startup?
It seems I need to login to the client wireguard, then ping the server ip, 10.13.13.1, then the connection initializes. Can this be done automatically?
On startup of what? The server or the client?
Wireguard is stateless. Once the tunnel is set up, all designated packets get sent to the other end of the tunnel whether they’re received there or not. There is no requirement for an active or 2 way connection between the two endpoints.
What do you mean by “then the connection initializes”?
I think you need to describe what behavior you are hoping to observe.
I have a VPN server in my local network, and some clients that are spread in different buildings. I want the clients to call home when they start up.
If I try to run a ping from the server to the client, after the client is restarted, I get errors.
If I run a ping from client to the server first, then the ping from the server to the client starts working.
Once the client/peer is online I need to be able to ping the client/peer, over the tunnel - without any action on the client/peer.
I hope I was able to explain my need.
I’m guessing the clients’ IPs are dynamic so when a client restarts, it gets a different IP than what the server has on record. It updates once the client sends a packet to the server from its new IP.
For that, you can set PersistentKeepalive = on the client so it pings the server every so many seconds, notifying it of its new IP if/when it changes (also keeping the NAT/firewall mapping valid if applicable).
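An added example (not part of the original posts, and not code from WireGuard or linuxserver/docker-wireguard): a small Python check that reads a wg-quick style client config and lists each [Peer] that has an Endpoint but no active PersistentKeepalive, the situation described above where the server cannot reach a restarted client until the client sends first. The sample config is constructed, with placeholder keys and a documentation-range endpoint, and the function names are hypothetical.

```python
# Constructed sample modelled on a generated client wg0.conf; keys are placeholders.
SAMPLE_CONF = """\
[Interface]
Address = 10.13.13.3
PrivateKey = CONSTRUCTED_PLACEHOLDER
ListenPort = 51820
DNS = 10.13.13.1

[Peer]
PublicKey = CONSTRUCTED_PLACEHOLDER
PresharedKey = CONSTRUCTED_PLACEHOLDER
Endpoint = 192.0.2.10:51820
AllowedIPs = 0.0.0.0/0
"""


def parse_sections(text):
    """Return [(section_name, {key: value})] in file order.

    [Peer] can appear more than once, so configparser (which rejects
    duplicate section names) is not used here.
    """
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and whitespace
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1].strip().lower(), {}))
        elif "=" in line and sections:
            key, value = line.split("=", 1)      # split once: base64 keys end in '='
            sections[-1][1][key.strip().lower()] = value.strip()
    return sections


def peers_without_keepalive(text):
    """Endpoints of peers this host dials that have no keepalive enabled."""
    findings = []
    for name, opts in parse_sections(text):
        if name != "peer" or "endpoint" not in opts:
            continue
        value = opts.get("persistentkeepalive", "").lower()
        if value in ("", "0", "off"):            # unset, 0 and "off" all mean disabled
            findings.append(opts["endpoint"])
    return findings


if __name__ == "__main__":
    for endpoint in peers_without_keepalive(SAMPLE_CONF):
        print(f"peer {endpoint}: no PersistentKeepalive, host stays silent until it has traffic to send")
```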
Since I’m using linuxserver/docker-wireguard (GitHub), the server generates the peer files, which I copy as wg0.conf on the client. The IP of the peer is static:
[Interface]
Address = 10.13.13.3
PrivateKey = xxx
ListenPort = 51820
DNS = 10.13.13.1
[Peer]
PublicKey = xxx
PresharedKey = xxxx
Endpoint = x.x.x.x:51820
AllowedIPs = 0.0.0.0/0
I’ll try PersistentKeepalive but I use PERSISTENTKEEPALIVE_PEERS, not sure if it’s the same - which is used on the server,