WireGuard VPN with TLS Tunneling

Подписаться 29 тыс.

Просмотров 30 тыс.

50% 1

Need a lightweight VPN system for privacy on the go? Today, we'll set up a WireGuard server and client, then I'll demonstrate how to tunnel your WireGuard traffic through a TLS WebSocket connection to circumvent some deep packet inspection systems.
All of the commands used in the video can be found here: nerdonthestreet.com/wiki?find...
---
Join the Nerd Club: nerdclub.nots.co
Official website: nerdonthestreet.com
Discord server: discord.nots.co
Subreddit: / nerdonthestreet
Facebook page: / nerdonthestreet
Twitter feed: / nots_network
E-Mail: jacob@nerdonthestreet.com

Наука

Опубликовано:

22 авг 2021

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 66

@azr6662 2 года назад

Really useful, of the hundreds of repetitive wg tutorials it seems like you're the only one that has offered a solution to wg's lack of obfuscation. Thanks!

@mithubopensourcelab482 2 года назад

Mind blowing tutorial.... so much stuff... efforts needs a real appreciation.

@taichigoodness1798 2 года назад

You said it my friend!

@Derbauer Год назад

Dude, fantastic video showing wireshark traffic. Please, you are talented enough that you could do more vpn analysis content. Can you also show open vpn and how that looks, when shadow socks is added?

@fuhrmanns 2 года назад

This is top quality! Thanks!

@skizor-cd1ex 2 года назад

Its a great video for Linux Client, Can you make video for android or ios client. As i am using wireguard server and i have most of my android and ios devices connected to it. ❤️

@vanpo 2 года назад

Thankx, man! It's very useful!

@PS3benimeni Год назад

In case anyone has the same issue, you need to enable the port for udp in your firewall :)

@kxj1999 2 года назад

the best video in my day.

@user-pq5je1gm5q 3 месяца назад

You are the best! Thank you very much.

@HeinserTorres 2 года назад

Good Work Keep it up!

@gaurav6j Год назад

This is brilliant!

@luffingsails7542 2 года назад

Thank you for taking the time to make this video. Very helpful content. I successfully followed all of the steps up to the point where you had wireguard up on wg0 and you successfully used Firefox to find your server's IP rather than the public IP. However, when I attempt these same steps, I no longer have an internet connection. I am able to ping my local wireguard server but can't surf outside my house. An tips? Thanks again.

@nijasec9644 2 года назад

Useful. Thanks

@albertogonorrea6195 2 года назад

this is fantastic

@luffingsails7542 2 года назад

Just a note about your linked script of commands, instead of " sudo cat /etc/wireguard/client.key" it should read "sudo cat /etc/wireguard/client.pub".

@masterskaya_electronics 2 года назад

Thank you!

@hnrlive Год назад

Perfect explanation, thank you bro. Just one question! How can we use this client as a gateway for other computers in the local network? Or even make this a wg or v2ray VPN server so that we can connect to it with our cell phones.

@dyay108 2 года назад

You're the best!

@maximus6884 2 года назад

the last part where you actually help us penetrate through firewalls is really useful. There is an uneducated bastard at work who's blocking my wireguard.

@taichigoodness1798 2 года назад

Deep packet inspection is only possible with IPv6

@maximus6884 2 года назад

@@taichigoodness1798 no.

@NerdOnTheStreet 2 года назад

@Alex Pourin - Absolutely! I'd love to hear if the instructions as shown work for getting through your work's firewall, or if there are any other complicating factors I might not know about. @Tai Chi Goodness - Nothing about deep packet inspection is specific to IPv6. Only allowing packets on certain ports, or only allowing packets that contain certain types of data (e.g. TLS data), is perfectly possible on IPv4.

@taichigoodness1798 2 года назад

@@NerdOnTheStreet Your right, maybe I was referring to the MAC address of devices, it doesn't manner if your running a virtual machine!

@LDRRollerSk8r 2 года назад

Great video!, can you make your Ik address within the interface any combo of numbers ??? Or does it have to be specific

@govinda1988cs 8 месяцев назад

Thanks, can we get an updated guide, as we see the wstunnel is completely rewritten, any change in install steps for Wireguard Server on Rpi?

@FTABoyNavid Год назад

Thanks for great tutorial. One quick question, what certificate does wstunnel uses for https tls v1. 3? Is it self signed? Can we use a valid CA signed certificate to make this connection look more normal valid web traffic?

@abrahambarroeta 2 года назад

Great job bro! I have a question.. What if i need the client on Windows?...

@lokilaufeyssohn7739 Год назад

Great Video! I saw in the comments the same Question that come up myself, but no answer to it. I like to use the TLS for my connection but i need a way to setup the TLSTunnel on my SmartPhone. I actually use the WireGuard app on Iphone. Any ideas?

@taichigoodness1798 2 года назад

Incredible video, nothing but respect! Question: if the client is a router, what is the best approach? Would it be possible to tls public and private key sets from a router?

@DOGEME 2 года назад

set everything up like in this video and then try tailscales

@amirjoseph7290 Год назад

Thank you for useful tutorial, but I am using Wireguard Windows client, what about configuration for wstunnel?

@africantwin173 Год назад

I need a how to vid on setting up a WireGuard Client on Arch ARM Raspberry Pi4.

@eroldp4106 2 года назад

Hi, I have a question: Maybe you know how to share a Wireguard client (webcam) on my website, or make the streaming for my website visitors also freely accessible? Wireguard server is also located on the same Debian server as Web server (website). This server is located on a Cloud server. PS: VPN Tunnel already exists. I have made the configurations both on the client and on the VPN server. I can view the streaming via my Windows PC (also Wireguard client).

@ahmadyazdani4418 Год назад

Really useful, do we have a way to use the architecture in windows ? because you used a bash script and services but windows can't handle this.

@Ali-wf9ef Год назад

can you add videos about other tunnels? like Stunnel, udp2raw and so on. It's interesting to test the performance of all of them

@leadylam2965 Год назад

and phantun

@houmie 2 года назад

Hello, is it possible to replace wstunnel with RocketTunnel or StarScream? Thanks

@nickfg5190 2 года назад

Please make video on kubernet and docker.

@taichigoodness1798 2 года назад

Should I disable IPv6 to further protect against IPv6 Deep packet Inspection?

@rushwilliams2152 9 месяцев назад

One of my clients is a Windows PC. Any suggestions on how to configure wstunnel to work with Wireguard for windows?

@nemoikiller4117 2 года назад

Hello! I ask you to help with the installation of WSTunnel on the client side. Problem: After executing the command sudo wg-quick up wg0 Hangs on line: [#] source /etc/wireguard/wstunnel.sh && pre_up wg0 Then: [#] ip link delete dev wg0 Cannot find device "wg0" [#] ip link delete dev wg0 Cannot find device "wg0" OS Debian 11 Stable (x64)

@bogdanbronson Год назад

Any ways how to do it, but with Mikrotik as a client?

@kavehvahidinaeini8338 2 года назад

thanks That was great Is there any way to add this solution for android and windows clients?

@abrahambarroeta 2 года назад

Did you find a solution bro? I want to know how to do it on a Windows machine like Client...

@pedgl Месяц назад

@@abrahambarroeta no solution?????!?!

@pedgl Месяц назад

?!?!?!!?

@ArmandoCalderon 2 года назад

I got a /64 prefix from the vps provider and I have native ipv6 in my LAN with wireguard.

@taichigoodness1798 2 года назад

What is the logic behind native ipv6?

@farshidazadyghalehtaki1969 Год назад

hi Bro As you know in my country surronded by Mollas , my favorite vpn vireguard not work at all.would you please give me a solution to solve this problem i so so need to this lovely VPN WireGuard.Appreciate you man.

@newmfat Год назад

Thanks much. Is there a script to automate all this? It's too much work!

@Ali-wf9ef Год назад

I wish I found this video before doing this without it. Would've been much easier to do. I have an issue with it, my latency goes extremely high at some times and I don't know what the reason could be. any suggestions?

@FTABoyNavid Год назад

Is there any wstunnel client available for Android?

@keerthivasan681 2 месяца назад

So if we browse a http page with the wireguard vpn on along with wstunnel, does it encrypt all the http data??

@gg-gn3re День назад

http page is unencrypted until it reaches your vpn endpoint (server) and from there it is encrypted

@teja5047 8 месяцев назад

It's working on mobile network but still being blocked by my collage network can any one help

@alexisparedes7349 Месяц назад

allowedips= para aplicaiones especificas que no sea 0.0.0.0/0 como seria

@djellonnuha8061 Год назад

how much money do you want if you fix one for me?

@ssdkkkk7114 7 месяцев назад

What about wg on docker?

@gg-gn3re День назад

stop using docker for everything

@cocosloan3748 2 года назад

Now we know your IP WE WILL HACK YOU 😁 Amazing job TY !

@simbaclaws_youtube Год назад

lol as if he didn't make the cloud machine on purpose for this video xD

@kakukyou146 2 года назад

Hi~ root@NeatDopey-VM:~# sudo setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/wstunnel Failed to set capabilities on file `/usr/local/bin/wstunnel' (Invalid argument) The value of the capability argument is not permitted for a file. Or the file is not a regular (non-symlink) file How to solve it?

@hamid.malmir Год назад

I have the same error. In addition, An error in systemctl start wstunnel which always fail because of permission denied even though I am have the root previledge!

@simbaclaws_youtube Год назад

Did you move the file to /usr/local/bin/wstunnel? Because it's saying it's either not permitted, or not a regular file (which I think means the file might be missing)...