Hosting wireguard with IPv6 only but make it accessible by both IPv6 and IPv4 clients

to
Access my wireguard VPN (which is on IPv6 only) from IPv4 only clients.

I am trying to avoid setting up wireguard server on a VPS and make my LAN clients join that VPN network.
Reason being, it will use internet data from the cloud account, and may breach the free limit.

Tunnel Broker provides [static] IPv6 addresses in an IPv4-only network. Again, the opposite of what you desire.

1 Like

So I believe, above is what I am left with.
I searched internet/youtube for a simple tutorial for it, but couldn't find one.
All searches lead to https://www.jool.mx/en/index.html , but I am not able to figure out where to start with the setup.

Just FYI, it's technically deprecated - but still works.

One issue/thought:

I'm not sure Jool is available for mobile phones - which is where you'll need the IPv4 address to convert to IPv6.

How much data are you planning to send over the tunnel to the VPS?! What is the actual purpose of your intended wireguard setup? When is it going to be used? By who/what?

1 Like

Purpose is to manage my home lab/network/servers while I am outside home.
It is going to be used by me alone when I am outside home.

I don't know how much data, I will not be using to stream movies or perform large downloads when on this VPN. Just couple of putty sessions, openwrt console, my switch console via browser etc.

1 Like

You do you are no looking for a tunnel broker? @simtcrom

The Mobil has v4, connects to vpn VM wireguard and gets v4 v6 and DNS. Your home server domain resolved to an ULA and your Mobil connects with a ULA to your home server. That's it.

And do you intend to be doing this regularly? Or is it likely to only be used occasionally?

1 Like

I believe, at least 5 times a week.

I apologize, I don't know if it's the typos in the message. I am not able to fully follow.

Really? You think you'll, on average, be away from home 5 times a week with a need to manage something on your home network?

I run a number of servers in my home lab and rarely need to access them remotely. What is the "management" you see yourself needing to do several times a week?

1 Like

:slight_smile:
Not really manage manage.
But just taking a peek at home from work, maybe.
See how it is doing, see my server data usage, see my web server logs etc.

1 Like

Firstly, why? If you have concerns then you'd be better off having local monitoring of some sort which can alert you when your involvement is necessary.

Secondly, unless you're planning to regularly look at large datasets and/or graphically intense data then the amount of traffic is likely to be fairly low.

2 Likes

It's just my 'curiosity'.
And part of setting all this up is to learn how things work.
And that learning has many times helped me in other scenarios (e.g. at work).

1 Like

There is only one typo. Why do you NOW want to use a tunnel broker?
The same stands. Use wg on the VM. Let everyone meet there. Use ULA and DNS. That's it.
I used this for years till I realized I could change an android setting to enable v6 on the sim. Since then I connect with dual stack to the server but the rest stays the same. It's by far the most simple solution.

2 Likes

I do the same but with an SSL VPN (Ocserv) and a $7/year NAT VPS from (natvps .net)

If you want to try, install Ocserv SSL VPN server using the guide online.
Create an AAAA dynamic dns record for direct IPv6 connections
Create an A record pointing to the NAT VPS IP address.

Add your vpn subdomain in Natvps .net control panel and install Debian
Run this command to forward IPv4 to your IPv6 VPN server

/usr/bin/socat TCP4-LISTEN:443,fork,reuseaddr TCP6:vpnserver.example.com:443 &

1 Like

Just wanted to share something I have tried to make my wireguard VPN accessible to IPv4-only clients.

On the dual-stack VPS, I ran
socat UDP4-RECVFROM:51820,fork UDP6-SENDTO:[<MY HOME VPN SERVER IPv6 ADDRESS>]:51820

Now from IPv4 only networks, I use above VPS IPv4 address as vpn server address.

Frequently, it exits with error,
2025/02/02 15:55:19 socat[109680] E socketpair(PF_UNIX, SOCK_STREAM, 0, ...): Too many open files

But I installed it as a custom service and set Restart=always :slight_smile:
So even if it exits, it immediately restarts and I will not have issue on VPN connectivity.

Why? Just use normal IPv4 routing. Once the tunnel is up you can send IPv4 through it even if the tunnel itself uses IPv6 to connect at both ends.

1 Like

Sorry if this is a noob question. My networking knowledge is still basic.

When you say "Just use normal IPv4 routing" are you suggesting to setup vpn server on VPS? Can this 'tunnel' be setup with a command?

Note: Why I am reluctant to setup vpn server on vps is, then I have to make all my LAN hosts as VPN clients on vps server?

Like you've been told repeatedly, just set up a VPN between your home and the VPS. You can then use the VPS as the IPv4 endpoint.

No.

1 Like
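
The hub layout recommended in the replies above, sketched as an added example (not a configuration posted by anyone in the thread): the VPS is the only IPv4-reachable WireGuard endpoint, the home router is a single peer that carries the whole home LAN, and LAN hosts run no VPN client. All addresses are constructed (documentation ranges 192.0.2.0/24 and 2001:db8::/32, tunnel subnet 10.9.0.0/24, home LAN 192.168.1.0/24) and the keys are placeholders; on OpenWrt the same fields are set through the WireGuard interface and peer options rather than a wg0.conf file.

```ini
# ---- VPS (dual-stack hub): wg0.conf ----
# Assumes net.ipv4.ip_forward=1 on the VPS so it routes between its two peers.
[Interface]
PrivateKey = <VPS_PRIVATE_KEY>
Address = 10.9.0.1/24
ListenPort = 51820

[Peer]
# Home router: owns its tunnel address AND the home LAN prefix,
# so the hub sends anything for 192.168.1.0/24 to this one peer.
PublicKey = <HOME_ROUTER_PUBLIC_KEY>
AllowedIPs = 10.9.0.2/32, 192.168.1.0/24

[Peer]
# Roaming phone/laptop on an IPv4-only network.
PublicKey = <PHONE_PUBLIC_KEY>
AllowedIPs = 10.9.0.3/32

# ---- Home router (IPv6-only WAN): dials out to the VPS over IPv6 ----
[Interface]
PrivateKey = <HOME_ROUTER_PRIVATE_KEY>
Address = 10.9.0.2/24

[Peer]
PublicKey = <VPS_PUBLIC_KEY>
Endpoint = [2001:db8::10]:51820
AllowedIPs = 10.9.0.0/24
# Keeps the outbound session alive so no inbound port has to be opened at home.
PersistentKeepalive = 25

# ---- Phone: reaches the VPS over IPv4 ----
[Interface]
PrivateKey = <PHONE_PRIVATE_KEY>
Address = 10.9.0.3/24

[Peer]
PublicKey = <VPS_PUBLIC_KEY>
Endpoint = 192.0.2.10:51820
# Only tunnel and home-LAN traffic is routed via the VPS, not all traffic;
# this limits both exposure and the data billed on the cloud account.
AllowedIPs = 10.9.0.0/24, 192.168.1.0/24
```

The home router's firewall still has to permit forwarding from the WireGuard interface to the LAN; restricting that rule to the management hosts and ports actually needed keeps a lost phone key from exposing the whole network.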