Hey Em, Circling back to this thread, indeed Baptiste was right. While the existing situation will likely work fine with NAT, it won't work as nicely with a strict stateful firewall, when the server IP is dynamic and changing. So, there's some headway to be made with Baptiste's multi-endpoint idea. But in the interim, it seems likely the best mechanism to use would be some userspace solution to check periodically if the dynamic IP has changed, and to update the wireguard device accordingly. Hopefully I'll implement some kind of userspace notification logic so this can be more fine grained than a cronjob. I'll let you know how this progresses.
Jason _______________________________________________ WireGuard mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/wireguard
