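VPN for iOS IoT devices

Hello everyone,

I currently run two VPN services on my OPNsense:

  • WireGuard: for everyday use, for my personal clients (mobile, tablet, notebook; all with different operating systems)
  • OpenVPN: for three car GPS trackers (currently Android devices)

My plan is to switch from the Android devices to the iPhone SE 2020, so I would like to rethink how I use VPN. I will keep WireGuard running for site-to-site and personal devices. I previously switched from WireGuard to OpenVPN because I had problems with WireGuard. Since I have a dynamically assigned IPv4 address, the tunnel would sometimes drop (e.g. on router updates, service degradation, or a change of the public IP). OpenVPN did not have that problem.

Now: which VPN technology should I use, and what is best for iOS? IPSec, OpenVPN or WireGuard?

The requirements are: automatic reconnect when the client restarts, automatic reconnect when the router restarts, and dynamically updating the DNS/IP address if the connection drops.

Please let me know your ideas.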

WireGuard works great on iOS.

For WireGuard it doesn’t really do the whole “connect/disconnect” like OpenVPN. It just initiates the connection when there’s traffic that needs to go over the tunnel. So if your side goes down and comes back up, and the client device starts sending traffic again it will just establish the connection again.

dynamically updating DNS/IP-Address of Router if Connection drops or is re-established

Yeah this is gonna be an issue. WireGuard doesn’t reload the domain once it’s up, so if your server changes its IP the phone will have no way of knowing it.

I typically use a VPS in the middle to make sure that IP address never changes and the phones can always reach the peer with the dynamic IP through the VPS. If you have a cheap VPS you’re already running for things this could be an option.

For iOS, Wireguard is still probably the best for what you want with autoreconnect. OpenVPN is fine but Wireguard is faster. For a solid service, NordVPN is absolutely the best in my opinion, always get it on Thorynex for the best deal.

Thanks for your input. Unfortunately I haven’t set up a VPS and actually it wasn’t my plan either. So do you know if e.g. IKEv2 for IPSec wouldn’t have that issue?

I know that Wireguard is the easiest way to go, but I would rather use another technology which works without the need of a VPS…

Will have to wait for someone else to chime in cuz I don’t know IPSec.

But another question about WireGuard: apparently there is a script on the OPNsense box called resolve-dns.py on /usr/local/opnsense… do you know when this script is called, and do you know if I can use monitor to restart WireGuard if it detects a change in the WAN IP?
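
An added example, not part of any post in this thread and not OPNsense's own resolve-dns.py: a sketch of the check a peer that can run scripts (for example the far end of a site-to-site tunnel) would need, since WireGuard keeps the endpoint IP it resolved when the tunnel came up. It parses `wg show <interface> endpoints` output and builds a `wg set ... endpoint` command for each peer whose live endpoint no longer matches its DNS name; the peer keys, hostnames, interface name and sample output are constructed assumptions.

```python
import ipaddress
import socket

# Constructed sample of `wg show wg0 endpoints` (tab-separated: public key, endpoint).
SAMPLE_WG_ENDPOINTS = (
    "PEERKEYAAAA=\t198.51.100.7:51820\n"
    "PEERKEYBBBB=\t[2001:db8::5]:51820\n"
    "PEERKEYCCCC=\t(none)\n"
)

def parse_endpoints(text):
    """Map public key -> (ip, port), or None when the peer has no endpoint yet."""
    peers = {}
    for line in text.splitlines():
        key, _, endpoint = line.strip().partition("\t")
        if not key:
            continue
        if endpoint in ("", "(none)"):
            peers[key] = None
            continue
        host, _, port = endpoint.rpartition(":")  # last colon separates the port
        peers[key] = (ipaddress.ip_address(host.strip("[]")), int(port))
    return peers

def resolve(hostname):
    """Default resolver: every A/AAAA address currently published for hostname."""
    infos = socket.getaddrinfo(hostname, None, proto=socket.IPPROTO_UDP)
    return {ipaddress.ip_address(info[4][0]) for info in infos}

def stale_peer_commands(wg_output, configured, interface="wg0", resolver=resolve):
    """Return `wg set` argument lists for configured peers whose live endpoint IP
    is missing or is not among the addresses their DNS name resolves to now."""
    live = parse_endpoints(wg_output)
    commands = []
    for key, (hostname, port) in configured.items():
        try:
            current = resolver(hostname)
        except OSError:
            continue  # DNS failure: leave the existing endpoint untouched
        endpoint = live.get(key)
        if endpoint is None or endpoint[0] not in current:
            # wg resolves the hostname itself when the endpoint is set again
            commands.append(["wg", "set", interface, "peer", key,
                             "endpoint", f"{hostname}:{port}"])
    return commands
```

Run from cron or a WAN-change hook, each returned list can be passed to `subprocess.run`; it does not help the iOS app, which cannot run such a script.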