Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Can you describe in more detail the iOS configuration? This is basically what I've been wanting to do, but haven't found out how to get the experience right on my phone.


Happily.

I use the official WireGuard app from the app store. I have two connections configured.

Assume that the endpoint (i.e. server running wireguard on port 500) is 8.8.8.8:500, the IP of my iDevice on the VPN should be 192.128.1.254, my home LAN is 192.168.1.0/24, my PiHole is 192.168.1.2, and my home wifi SSID is Ycombinator.

Connection 1 is:

- Address(es): 192.168.1.254

- DNS Servers: 192.168.1.2

- Endpoint: 8.8.8.8:500

- Allowed IPs: 192.168.1.0/24

- On-demand activation:

-- Wifi: Off

-- Cellular: On

Connection 2 is:

- Address(es): 192.168.1.254

- DNS Servers: 192.168.1.2

- Endpoint: 8.8.8.8:500

- Allowed IPs: 192.168.1.0/24, 0.0.0.0/0

- On-demand activation:

- Wifi: On (Except 1 SSID: Ycombinator)

- Cellular: Off

If this isn't clear, I can post screenshots.


> Allowed IPs: 192.168.1.0/24, 0.0.0.0/0

Is this redundant, since 0.0.0.0 should include the 192.168.1.0/24 subnet? Not being a smart alec, I'm actually asking: I have an okay-ish understanding of networking stuff but not an expert.


Yes indeed, that’s how I have it setup. I have one WireGuard configuration on iOS, for both cellular and WiFi (except my home SSID). And it works like a charm.


> 192.168.1.0/24, 0.0.0.0/0

I believe his question was, for Allowed IPs, isn't including "192.168.1.0/24" explicitly redundant since you've also specified "0.0.0.0/0"?

The answer, by the way, is yes.


GP is correct. 0.0.0.0/0 is all possible IPv4 subnets.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: