Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Meshnet - Direct connection and kernel wireguard? #640

Open
vampywiz17 opened this issue Oct 8, 2024 · 6 comments
Open

Meshnet - Direct connection and kernel wireguard? #640

vampywiz17 opened this issue Oct 8, 2024 · 6 comments

Comments

@vampywiz17
Copy link

I found now Meshnet option and i test it.

Before i use tailscale and i have some question with meshnet.

  1. it use kernel based wireguard?
  2. It able to make direct connection or the data pass through the relay servers every time?
@mariusSincovici
Copy link
Contributor

Hi,

  1. Yes, the application uses the WireGuard kernel module.
  2. Meshnet will try to make direct connection between peers. Servers are used until the direct connections are established or as a fallback if there are issues and it is not possible to have direct connection.

If you need more information about Meshnet you can find https://meshnet.nordvpn.com.

Thank you for trying Meshnet.

@vampywiz17
Copy link
Author

@mariusSincovici Thanks for the information! Is there a way to check the connection status (direct or relay) I'm testing it now and unfortunately it doesn't work on the company network (strong firewall rules) is it possible to "help" the connection with another device (e.g. my home server) like port forward or something?

@mariusSincovici
Copy link
Contributor

Hi,

For the moment the CLI is not displaying this information, it is available into the application logs.
But an easier way to get it would be with WireGuard tools: sudo wg show and nordvpn mesh peer list.
WG tools will display the status of all the WG connections. There each peer has its public key and the endpoint. If the endpoint is not 127.0.0.1, then it is a direct connection. To know which peer is which from your Meshnet you can use nordvpn mesh peer list. This will give peer information + public key(same with WG tools).

e.g.

$ sudo wg show

peer: <key1>
  endpoint: 127.0.0.1:1234

peer: <key2>
  endpoint: <public_ip>

$ nordvpn mesh peer list
Nickname: peer1
Public Key: <key1>

Nickname: peer2
Public Key: <key2>

In the above peer2 has direct connection, while peer1 doesn't.

Regarding the "help" to improve direct connections.
This depends on the company network settings. For example if the firewall is blocking then would require firewall rules changes.

@vampywiz17
Copy link
Author

@mariusSincovici

My current config is that my home i isntall nordvpn on my server. Of course i manage my server fully. My firewall is OPNSense. so it possible to set something on my home side, to able to access it to company network ? (in these side i use my mobile device)

For example, I need to enable NAT-PMP to make direct connection on Tailscale. Simiral "tune" option are exist with meshnet?

@mariusSincovici
Copy link
Contributor

Hi,

We need to look into this in greater detail with the team working on the NordLynx protocol to determine if we can implement a similar approach for direct connections, or if it requires changes on their end for OPNSense.

We'll keep you informed as soon as we have more information on this.

@mariusSincovici
Copy link
Contributor

Hi,
we are working on UPnP support for NordLynx. Unfortunately until then direct connections would not work for your setup.
When this will be release we'll let you know.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vampywiz17 @mariusSincovici