Question: Port Forwarding w/ Standalone Wireguard Client (ZX2C4 & Edge Security)

[SporadicThought]

I have discovered that I can enable PreUp, PostUp, PreDown, and PostDown commands (https://git.zx2c4.com/wireguard-windows/about/docs/adminregistry.md#hklmsoftwarewireguardlimitedoperatorui) with Wireguard for Windows. Does anyone know what I can run in there to allow a port forward to come through.

Actually, does anyone have a good guide to port forwarding with TorGuard VPN at all (Not with the Torguard client)? I mean the port forwards themselves are easy enough to set-up on the web. There are some holes in the available data I can find on a few things:  port forwarding into Docker on linux, making the port forward work on this Wireguard Client. Do I have to also forward the port through my router or does it come through the wireguard tunnel straight to my client?

If you don't have an answer for any of this stuff, I would appreciate at least a pointer in the right direction. I have Googled a lot of these questions in various forms, but can't seem to find the correct solutions.

[19807409]

15 hours ago, SporadicThought said:

Does anyone know what I can run in there to allow a port forward to come through.

Quite everything, you can run a script which runs whatever you want.

 

15 hours ago, SporadicThought said:

Actually, does anyone have a good guide to port forwarding with TorGuard VPN at all (Not with the Torguard client)?

You can allow forwarding with iptables, make sure you have firewall installed and that only ports which you opened are open, for postup/postdown this would be enough and works:

PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; iptables -t nat -A POSTROUTING -o %i -j MASQUERADE; iptables -A FORWARD -o %i -j ACCEPT
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; iptables -t nat -D POSTROUTING -o %i -j MASQUERADE; iptables -D FORWARD -o %i -j ACCEPT

 

15 hours ago, SporadicThought said:

Do I have to also forward the port through my router or does it come through the wireguard tunnel straight to my client?

No need to open anything on any other device than the one where your wireguard runs (as one might run it on a router too).

Port forwarding comes like you say through the wireguard tunnel straight to your client, like mentioned above, make sure you have installed firewall.

15 hours ago, SporadicThought said:

If you don't have an answer for any of this stuff, I would appreciate at least a pointer in the right direction. I have Googled a lot of these questions in various forms, but can't seem to find the correct solutions.

If you try above, you will notice that all your questions were replied 😏, hope that helps.