Clarification regarding server and client setup

activeeos / wireguard-docker

Docker image for Wireguard. Containerize your VPN!

MIT License

147 stars 37 forks source link

Clarification regarding server and client setup #1

Open pascalandy opened 5 years ago

pascalandy commented 5 years ago

Hi, I run an openvpn server in docker with Tunnelblick on my mac.

I'm curious to give this a shot. But the things is, I don't understand the README where things should run. server versus client, there is no distinctions.

Assuming this is for the server:

docker run -it --rm --cap-add net_admin --cap-add sys_module \
       -v /etc/wireguard:/etc/wireguard -v /lib/wireguard:/lib/wireguard \
       -p 5555:5555/udp activeeos/wireguard-docker

, how should I run it on my mac as a client?

Thanks!

ahbrosha commented 5 years ago

Wireguard does not distinguish between client or server. All network members are peers. Server or client is just a matter of routing. https://www.wireguard.com/netns/

https://wiki.archlinux.org/index.php/WireGuard#Specific_use-case:_VPN_server

pascalandy commented 5 years ago

Thanks for the follow-up :)

Question 1

So, do I have to run this command on both machines?

docker run -it --rm --cap-add net_admin --cap-add sys_module \
       -v /etc/wireguard:/etc/wireguard -v /lib/wireguard:/lib/wireguard \
       -p 5555:5555/udp activeeos/wireguard-docker

Question 2

Do we need to do any manual configurations?

I'm having a hard time understanding how my mac will pass all traffic via this VPN. It looks like there is a configuration to do isn't?

rmoriz commented 5 years ago

Docker on Mac is still Linux and due to the used VM this image is not usable as a client for the host MacOS. Use the homebrew tun/tap-based wireguard app on mac. Works fine.

wireguard-go
wireguard-tools