Skip to content

Instantly share code, notes, and snippets.

@vpieper

vpieper/wireguard-over-tcp.md

Created February 25, 2021 11:54
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save vpieper/4ff5b8a2f4a7be331cbe03a7bf4e5406 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save vpieper/4ff5b8a2f4a7be331cbe03a7bf4e5406 to your computer and use it in GitHub Desktop.
Download ZIP
WireGuard over TCP with udptunnel
Raw
wireguard-over-tcp.md

WireGuard over TCP with udptunnel

udptunnel is a small program which can tunnel UDP packets bi-directionally over a TCP connection. Its primary purpose (and original motivation) is to allow multi-media conferences to traverse a firewall which allows only outgoing TCP connections.

Server

# udptunnel -s 443 127.0.0.1/51820

Client

# udptunnel -c [SERVER PUBLIC IP]/443 127.0.0.1 50001
  • Remember to open TCP port 443 on the server's firewall
  • In the WireGuard client config file, replace the server's public IP (endpoint) with 127.0.0.1:50001
@zen010101
Copy link

zen010101 commented Jul 8, 2025

udptunnel -s 443 127.0.0.1/51820 runs failed with "bind error on port 51280" message because that port has been binded by the wireguard.

@kmille
Copy link

kmille commented Nov 19, 2025

There are different version of udptunnel. The version that is packaged in Debian does not build on Arch Linux with current gcc.
AUR repo: https://aur.archlinux.org/packages/udptunnel-lennox

For me udp2raw worked. It's still maintained and easy to use. It's not packaged for Debian but there are built binaries on Github.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment