wireguard-ui icon indicating copy to clipboard operation
wireguard-ui copied to clipboard

Published 20 hours ago verified publisher icon ngoduykhanh

Open ports on client machine via the wireguard-ui server

Open MANKUD opened this issue 2 years ago • 7 comments

Hello,

It would be great if we could open ports on the client machine which is in a private network via the wiregurd server by forwarding the port from server to client machine. So that the client machines listen to requests coming from the internet over that port through the wireguard server's public IP. With this feature, we can open ports on the client machine without opening any ports on the local network router. With this, the client machine is publicly accessible over the internet via the open port through the wireguard server.

MANKUD avatar Feb 21 '22 14:02 MANKUD

Not sure if I get your idea. Which port are you referring to?

ngoduykhanh avatar Feb 21 '22 15:02 ngoduykhanh

Hello,

What I mean is imagine for instance we have a machine behind NAT which we want to access from a different network (WAN) but we cannot open any ports as ISP does not allow. So if we could use the ports on the wireguard-ui server and connect to this machine behind NAT through the wire guard-ui server using wireguard. This would make the machine behind NAT accessible over the internet to other machines without them needing to join the VPN network. I am talking something about https://portmap.io/

It can be any port other than the already used port for wireguard.

MANKUD avatar Feb 21 '22 16:02 MANKUD

Ah, I see what you mean now. It can be done easily using iptables or similar tools on the Wireguard server. However, I don't think it is should be a feature of wireguard-ui as this project is only for managing the wireguard config.

ngoduykhanh avatar Feb 21 '22 16:02 ngoduykhanh

I understand but it would be a great feature if was possible via the wireguard-ui just a suggestion.

MANKUD avatar Feb 21 '22 16:02 MANKUD

@ngoduykhanh I think wireguard-ui is already doing a fantastic job of managing wireguard config maybe I thought it can do even more in future.

MANKUD avatar Feb 21 '22 16:02 MANKUD

@MANKUD I see your point. However, it is not easy to implement that feature to support different deployment scenarios (binary file, docker). Maybe we can build an integration with existing solutions. Since this is not relevant to the core feature of wireguard-ui, I will put the feature request label for this issue and see if we can do it in the future.

ngoduykhanh avatar Feb 26 '22 12:02 ngoduykhanh

@ngoduykhanh Maybe this will help.

https://github.com/pritunl/pritunl/commit/023ee6509e62e7d64a9cd4e008e19972ef33ba67

https://github.com/pritunl/pritunl/commit/c3ff9e2fed314a009dd3bf7875a35abe89f1eadf

https://github.com/pritunl/pritunl/commit/01ff772b23f68f49e30dd68d90fbf874c2a6ab72

Another reference to a very good video.

https://www.youtube.com/watch?v=9tDeh9mutmI

MANKUD avatar Apr 01 '22 20:04 MANKUD