[adynatos]

can wireguard work over tcp? many captive portals i encounter daily block most ports and almost always allow only tcp. so i set up openvpn on port 443 over tcp, which got through everything so far.

[minus7]

Couldn't you theoretically run traffic over pseudo-TCP. I.e. you send packets that look like TCP (IP packet type TCP + TCP header), but bypass the kernel's TCP stack and put arbitrary, packet-based data in it, like UDP. Theoretically speaking.

[charleslmunger]

Yes, but the same middle boxes would choke on that too, either corrupting it or blocking it.

[Godel_unicode]

You might want to check whether they also allow UDP/53, that's a common exception.

[helper]

There's no reason why it couldn't, but doing that would kill all the performance that it currently provides. You could fairly easily tunnel wireguard over tcp using socat.

[jlgaddis]

> Like many recent protocols, WireGuard is based on UDP.