I'm trying to build a VPN server on my LEDE router, using WireGuard. I know that there is no "server" and "clients" in WireGuard, just peers, and I have a few questions:
- How are IP addresses managed? The router (let's name it peer 1 on WireGuard) normally has a DHCP WAN address, which can change, and my notebook (peer 2) will have an unknown IP address depending on where I connect it. Looking at this guide: https://danrl.com/blog/2017/luci-proto-wireguard/ we need an IP address for the WireGuard interface (can I use the router DynDNS hostname?), and for peers the endpoint host is totally unknown before connecting; can I use some kind of wildcard here?
- Firewall: is it recommended to set up a separate zone or include the new WireGuard interface in the LAN zone?
Thanks in advance