k4yt3x/wg-meshconf

Why is Endpoint mandatory?

42Network opened this issue · 4 comments

I don't understand why Endpoint is mandatory in the CSV? It is not mandatory when adding via command line.

Also, WireGuard itself doesn't need the endpoint to work correctly. At least I've never needed it, in my limited experience.

> Also, WireGuard itself doesn't need the endpoint to work correctly.

What do you mean? How is your machine planning to reach another machine without knowing its IP address/hostname?

ss-o commented

It seems that Endpoint was misunderstood. Here is an example where it is required on a client machine.

[Interface]
PrivateKey = some key
Address = some addr
DNS = some addr

[Peer]
PublicKey = some key
PresharedKey = some prekey
Endpoint = ip:port              # Endpoint to connect (server)
AllowedIPs = ips

My simple use case has always been just a single "server" which is my OPNsense home router, and a bunch of dynamic clients, such as phone, laptop, tablet, and a few Linux boxes that are behind campus firewalls but have persistence enabled. And I was mistaken in saying Endpoint isn't used in my case - each client does refer to the endpoint of my single server.

I guess I now realize that I've misunderstood the purpose of wg-meshconf. In my case I don't actually have or need a mesh, since I only have a single server. I was hoping I could use wg-meshconf and its handy database to simply manage the key pairs for my server and clients as a replacement for the notepad file I use currently.

Thanks
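Added example, not part of the thread and not wg-meshconf's code: a small check of which peer pairs can start a WireGuard handshake when some peers have no Endpoint, showing why the single-server setup described above works while a full mesh of the same peers leaves client-to-client links without a dialable address. The peer names, the hostname and the dictionary layout are constructed for illustration and are not wg-meshconf's database format.

```python
from itertools import combinations

# Constructed sample inventory: one reachable "server" and roaming clients
# that have no fixed address to publish as an Endpoint.
PEERS = [
    {"name": "router", "endpoint": "vpn.example.net:51820"},
    {"name": "phone", "endpoint": None},
    {"name": "laptop", "endpoint": None},
]


def classify_links(peers):
    """Sort every peer pair by who is able to initiate the handshake."""
    links = {"either": [], "one_way": [], "none": []}
    for a, b in combinations(peers, 2):
        known = [p["name"] for p in (a, b) if p["endpoint"]]
        if len(known) == 2:
            links["either"].append((a["name"], b["name"]))
        elif len(known) == 1:
            # Only the peer without a published endpoint can initiate,
            # because it is the only side that knows where to send.
            target = known[0]
            initiator = b["name"] if target == a["name"] else a["name"]
            links["one_way"].append((initiator, target))
        else:
            # Neither side has an address to dial: no direct tunnel.
            links["none"].append((a["name"], b["name"]))
    return links


def peer_section(remote, public_key="<remote public key>",
                 allowed_ips="<remote tunnel IPs>"):
    """Render a [Peer] block, omitting Endpoint when the remote has none."""
    lines = ["[Peer]", f"PublicKey = {public_key}"]
    if remote["endpoint"]:
        lines.append(f"Endpoint = {remote['endpoint']}")
    lines.append(f"AllowedIPs = {allowed_ips}")
    return "\n".join(lines)


if __name__ == "__main__":
    for kind, pairs in classify_links(PEERS).items():
        print(kind, pairs)
    print(peer_section(PEERS[0]))   # what a client writes for the server
    print(peer_section(PEERS[1]))   # what the server writes for a client
```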