Really useful, of the hundreds of repetitive wg tutorials it seems like you're the only one that has offered a solution to wg's lack of obfuscation. Thanks!
Its a great video for Linux Client, Can you make video for android or ios client. As i am using wireguard server and i have most of my android and ios devices connected to it. ❤️
I tried and succeeded with This method! I have tried wstunnel before and failed but the extra scripts works wonders. I think at one place in the guide mentions a command with the old flags to wstunnel but it was easy to correct!
Just a note about your linked script of commands, instead of " sudo cat /etc/wireguard/client.key" it should read "sudo cat /etc/wireguard/client.pub".
Dude, fantastic video showing wireshark traffic. Please, you are talented enough that you could do more vpn analysis content. Can you also show open vpn and how that looks, when shadow socks is added?
the last part where you actually help us penetrate through firewalls is really useful. There is an uneducated bastard at work who's blocking my wireguard.
@Alex Pourin - Absolutely! I'd love to hear if the instructions as shown work for getting through your work's firewall, or if there are any other complicating factors I might not know about. @Tai Chi Goodness - Nothing about deep packet inspection is specific to IPv6. Only allowing packets on certain ports, or only allowing packets that contain certain types of data (e.g. TLS data), is perfectly possible on IPv4.
Incredible video, nothing but respect! Question: if the client is a router, what is the best approach? Would it be possible to tls public and private key sets from a router?
Great Video! I saw in the comments the same Question that come up myself, but no answer to it. I like to use the TLS for my connection but i need a way to setup the TLSTunnel on my SmartPhone. I actually use the WireGuard app on Iphone. Any ideas?
Perfect explanation, thank you bro. Just one question! How can we use this client as a gateway for other computers in the local network? Or even make this a wg or v2ray VPN server so that we can connect to it with our cell phones.
Thanks for great tutorial. One quick question, what certificate does wstunnel uses for https tls v1. 3? Is it self signed? Can we use a valid CA signed certificate to make this connection look more normal valid web traffic?
Hello! I ask you to help with the installation of WSTunnel on the client side. Problem: After executing the command sudo wg-quick up wg0 Hangs on line: [#] source /etc/wireguard/wstunnel.sh && pre_up wg0 Then: [#] ip link delete dev wg0 Cannot find device "wg0" [#] ip link delete dev wg0 Cannot find device "wg0" OS Debian 11 Stable (x64)
Hi, I have a question: Maybe you know how to share a Wireguard client (webcam) on my website, or make the streaming for my website visitors also freely accessible? Wireguard server is also located on the same Debian server as Web server (website). This server is located on a Cloud server. PS: VPN Tunnel already exists. I have made the configurations both on the client and on the VPN server. I can view the streaming via my Windows PC (also Wireguard client).
Thank you for taking the time to make this video. Very helpful content. I successfully followed all of the steps up to the point where you had wireguard up on wg0 and you successfully used Firefox to find your server's IP rather than the public IP. However, when I attempt these same steps, I no longer have an internet connection. I am able to ping my local wireguard server but can't surf outside my house. An tips? Thanks again.
hi Bro As you know in my country surronded by Mollas , my favorite vpn vireguard not work at all.would you please give me a solution to solve this problem i so so need to this lovely VPN WireGuard.Appreciate you man.
I wish I found this video before doing this without it. Would've been much easier to do. I have an issue with it, my latency goes extremely high at some times and I don't know what the reason could be. any suggestions?
Hi~ root@NeatDopey-VM:~# sudo setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/wstunnel Failed to set capabilities on file `/usr/local/bin/wstunnel' (Invalid argument) The value of the capability argument is not permitted for a file. Or the file is not a regular (non-symlink) file How to solve it?
I have the same error. In addition, An error in systemctl start wstunnel which always fail because of permission denied even though I am have the root previledge!
Did you move the file to /usr/local/bin/wstunnel? Because it's saying it's either not permitted, or not a regular file (which I think means the file might be missing)...
Really useful, of the hundreds of repetitive wg tutorials it seems like you're the only one that has offered a solution to wg's lack of obfuscation. Thanks!
Mind blowing tutorial.... so much stuff... efforts needs a real appreciation.
You said it my friend!
Its a great video for Linux Client,
Can you make video for android or ios client. As i am using wireguard server and i have most of my android and ios devices connected to it. ❤️
I tried and succeeded with This method! I have tried wstunnel before and failed but the extra scripts works wonders. I think at one place in the guide mentions a command with the old flags to wstunnel but it was easy to correct!
Just a note about your linked script of commands, instead of " sudo cat /etc/wireguard/client.key" it should read "sudo cat /etc/wireguard/client.pub".
Dude, fantastic video showing wireshark traffic. Please, you are talented enough that you could do more vpn analysis content. Can you also show open vpn and how that looks, when shadow socks is added?
In case anyone has the same issue, you need to enable the port for udp in your firewall :)
Thanks, can we get an updated guide, as we see the wstunnel is completely rewritten, any change in install steps for Wireguard Server on Rpi?
the best video in my day.
the last part where you actually help us penetrate through firewalls is really useful. There is an uneducated bastard at work who's blocking my wireguard.
Deep packet inspection is only possible with IPv6
@@taichigoodness1798 no.
@Alex Pourin - Absolutely! I'd love to hear if the instructions as shown work for getting through your work's firewall, or if there are any other complicating factors I might not know about.
@Tai Chi Goodness - Nothing about deep packet inspection is specific to IPv6. Only allowing packets on certain ports, or only allowing packets that contain certain types of data (e.g. TLS data), is perfectly possible on IPv4.
@@NerdOnTheStreet Your right, maybe I was referring to the MAC address of devices, it doesn't manner if your running a virtual machine!
One of my clients is a Windows PC. Any suggestions on how to configure wstunnel to work with Wireguard for windows?
Incredible video, nothing but respect! Question: if the client is a router, what is the best approach? Would it be possible to tls public and private key sets from a router?
set everything up like in this video and then try tailscales
Thank you for useful tutorial, but I am using Wireguard Windows client, what about configuration for wstunnel?
Great Video! I saw in the comments the same Question that come up myself, but no answer to it. I like to use the TLS for my connection but i need a way to setup the TLSTunnel on my SmartPhone. I actually use the WireGuard app on Iphone. Any ideas?
This is top quality! Thanks!
Perfect explanation, thank you bro. Just one question! How can we use this client as a gateway for other computers in the local network? Or even make this a wg or v2ray VPN server so that we can connect to it with our cell phones.
Great job bro! I have a question.. What if i need the client on Windows?...
Great video!, can you make your Ik address within the interface any combo of numbers ??? Or does it have to be specific
thanks
That was great
Is there any way to add this solution for android and windows clients?
Did you find a solution bro? I want to know how to do it on a Windows machine like Client...
@@abrahambarroeta no solution?????!?!
?!?!?!!?
Thanks for great tutorial. One quick question, what certificate does wstunnel uses for https tls v1. 3? Is it self signed? Can we use a valid CA signed certificate to make this connection look more normal valid web traffic?
I need a how to vid on setting up a WireGuard Client on Arch ARM Raspberry Pi4.
Really useful, do we have a way to use the architecture in windows ? because you used a bash script and services but windows can't handle this.
Hello, is it possible to replace wstunnel with RocketTunnel or StarScream? Thanks
Should I disable IPv6 to further protect against IPv6 Deep packet Inspection?
Any ways how to do it, but with Mikrotik as a client?
Hello!
I ask you to help with the installation of WSTunnel on the client side.
Problem:
After executing the command
sudo wg-quick up wg0
Hangs on line:
[#] source /etc/wireguard/wstunnel.sh && pre_up wg0
Then:
[#] ip link delete dev wg0
Cannot find device "wg0"
[#] ip link delete dev wg0
Cannot find device "wg0"
OS Debian 11 Stable (x64)
Hi, I have a question:
Maybe you know how to share a Wireguard client (webcam) on my website, or make the streaming for my website visitors also freely accessible? Wireguard server is also located on the same Debian server as Web server (website). This server is located on a Cloud server.
PS: VPN Tunnel already exists. I have made the configurations both on the client and on the VPN server. I can view the streaming via my Windows PC (also Wireguard client).
Thank you for taking the time to make this video. Very helpful content. I successfully followed all of the steps up to the point where you had wireguard up on wg0 and you successfully used Firefox to find your server's IP rather than the public IP. However, when I attempt these same steps, I no longer have an internet connection. I am able to ping my local wireguard server but can't surf outside my house. An tips? Thanks again.
can you add videos about other tunnels? like Stunnel, udp2raw and so on. It's interesting to test the performance of all of them
and phantun
Good Work Keep it up!
Is there any wstunnel client available for Android?
You are the best! Thank you very much.
This is brilliant!
So if we browse a http page with the wireguard vpn on along with wstunnel, does it encrypt all the http data??
http page is unencrypted until it reaches your vpn endpoint (server) and from there it is encrypted
hi Bro As you know in my country surronded by Mollas , my favorite vpn vireguard not work at all.would you please give me a solution to solve this problem i so so need to this lovely VPN WireGuard.Appreciate you man.
Thanks much. Is there a script to automate all this? It's too much work!
I got a /64 prefix from the vps provider and I have native ipv6 in my LAN with wireguard.
What is the logic behind native ipv6?
Thankx, man! It's very useful!
You're the best!
It's working on mobile network but still being blocked by my collage network can any one help
Please make video on kubernet and docker.
this is fantastic
What about wg on docker?
stop using docker for everything
allowedips= para aplicaiones especificas que no sea 0.0.0.0/0 como seria
Thank you!
I wish I found this video before doing this without it. Would've been much easier to do.
I have an issue with it, my latency goes extremely high at some times and I don't know what the reason could be. any suggestions?
how much money do you want if you fix one for me?
Useful. Thanks
Now we know your IP WE WILL HACK YOU 😁 Amazing job TY !
lol as if he didn't make the cloud machine on purpose for this video xD
Hi~
root@NeatDopey-VM:~# sudo setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/wstunnel
Failed to set capabilities on file `/usr/local/bin/wstunnel' (Invalid argument)
The value of the capability argument is not permitted for a file. Or the file is not a regular (non-symlink) file
How to solve it?
I have the same error. In addition, An error in systemctl start wstunnel which always fail because of permission denied even though I am have the root previledge!
Did you move the file to /usr/local/bin/wstunnel? Because it's saying it's either not permitted, or not a regular file (which I think means the file might be missing)...