It definitely encrypts the traffic, the problem is that it encrypts the traffic in a recognizable way that DPI can recognize. It’s easy for someone snooping on your traffic to tell that you’re using Wireguard, but because it’s encrypted they can’t tell the content of the message.
Comment on Reverse proxy
Felix_lm22@sopuli.xyz 6 months agoUnfortunately, Deep Packet Inspection does this as Tailscale/Wireguard does not encrypt traffic
melmi@lemmy.blahaj.zone 6 months ago
SeeJayEmm@lemmy.procrastinati.org 6 months ago
Looks like wireguard encrypts traffic to me.
mfat@lemdro.id 6 months ago
It’s easily detected by firewalls in China and Iran.
dataprolet@lemmy.dbzer0.com 6 months ago
Interesting, because Tailacale doesn’t use any special ports. How would that be detected? And could you maybe use Headscale on a dynamic port to circumvent that?
mfat@lemdro.id 6 months ago
Wireguard is blocked at protocol level no matter which part you use. Tailsclale uses wireguard. Haven’t tried headscale yet.
pyrosis@lemmy.world 6 months ago
It’s definitely encrypted they can just tell by signature that it is wireguard or whatever and block it.
They could do this with ssh if they felt like it.
loutr@sh.itjust.works 6 months ago
Wireguard, like all VPNs, definitely does E2E encryption. What would be the point of an unencrypted VPN?