Android application to route incoming connections from Wireguard tunnels to device's network without root access. Based on Boringtun Wireguard implementation and smoltcp user-space TCP/IP stack.
Basically it is wgslirpy tool, but as an Android app.
(see https://github.com/vi/wgslirpy#features)
- Inconvenient, config-file based UI.
- No status of what is happening inside (besides logcat)
- Build the app from source code or download it from releases. Good intro on Rust in Android: https://github.com/ssrlive/rust_on_android_ios
rustup target add aarch64-linux-android
cargo install cargo-ndk
gradlew cargoBuild
ORcargo ndk -t arm64-v8a -o ..\app\src\main\jniLibs\ build
from the nestedwgserv
folder
- Launch
- Press "Sample config". Obviously, do not use that private key for real.
- Adjust IP addresses and keys. Remove unnesesary settings. When in doubt, experiment with
wgslirpy
CLI tool first to familiarize yourself with the options. - Copy and paste the config somewhere.
- Transform it (manually) to wg-quick config, apply it somewhere, or turn into Qr code to use on another Android device.
- Press "start". Watch logcat.
- Ignore "connection expired" or "no current session" errors, it keeps trying connecting.
- Check other peer for Wireguard tunnel status. There is currently no log message meaning "yes, now I'm connected" (unless
debug = true
). - Check if
pinger
is working (if configured) - Check if usual connectivity is working.
- Android device is in another network
- Firewall on Android device blocking traffic of the application
- You confused private and public key in configs. Or confused local and peer keys.
- Allowed ips in counterpart's configuration does not allow traffic
- No keepalive interval on both sides of the connection
- No IP address added to counterpart's Wireguard interface
- DNS not configured
- No default route added
- Android device decided to go to sleep (and you have not configured exception for power optimisations for WgServer).