Wireguard For Remote Access - And Local access
-
The short question and what I want is this: The family's phones always connected to WireGuard at home no matter where they are, at home, at work, at a public network - just wherever.
The reason for this is that my pfSense uses pfBlockerNG to protect the devices from connecting to bad things as well as ads, and I have some other blocks as well... wife, kids... you know.
I will also make it enticing for them to always be connected. Today our "house services" with photos, movies and other things are somewhat available over the internet, but I will close that.
Now, having them start or stop the tunnel as they come and go will never happen... they will just forget, and then a thousand questions...
About my env
One WAN, dynamically assigned IP, kept up to date using DNS-O-Matic. 100/100 fiber - very reliable supplier.
One LAN, the default setup basically.
So, is this possible and how can I make this happen?
-
Use split DNS for the DNS-O-Matic name.
When at home, WireGuard will be connected to an internal listening WireGuard endpoint with the same requirements as the external.
Haven't tried it, but I don't see why it won't do the job.
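The split-DNS setup suggested above, sketched as an added example that is not part of the original thread: an Unbound override of the kind that can be pasted into the pfSense DNS Resolver custom options, with the matching phone-side peer entry shown in comments. The hostname `vpn.example.com`, the LAN address `192.168.1.1`, port `51820`, the full-tunnel `AllowedIPs` and the 60-second TTL are constructed placeholders, and it assumes WireGuard accepts connections on the LAN address as well as on the WAN.

```conf
# Added example; all names, addresses and the port are constructed placeholders.
#
# Phone side (WireGuard client config), identical at home and away:
#   [Peer]
#   PublicKey = <firewall tunnel public key>
#   Endpoint = vpn.example.com:51820
#   AllowedIPs = 0.0.0.0/0, ::/0
#
# Away from home: public DNS returns the dynamic WAN address for
# vpn.example.com (the record kept current by the dynamic DNS updater).
#
# At home: the LAN resolver answers for the same name with the firewall's
# internal address, so the tunnel terminates on the inside interface.
# Unbound fragment for the internal answer:
server:
  # Format is "<name> <ttl> IN A <address>"; the TTL field is optional and
  # Unbound uses 3600 seconds when it is left out.
  local-data: "vpn.example.com. 60 IN A 192.168.1.1"
```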
-
@netblues I tried that, split DNS, and used just a simple web service to try it. Kinda works... but not really. I think the DNS name might be the problem.
I have Cloudflare as external DNS provider; there I can change the TTL for the record to a minimum of one minute, that might work.
However, for the internal name in the DNS Resolver I cannot change the TTL, so there it uses the default TTL of 3600 seconds.
So... leaving the house would break communications for about 15 minutes every time, not so good...
Without using NAT Reflection mode (that does not work for UDP), does anyone know a creative solution to this?