WireSock VPN Gateway: Package Overview

Explore the Core Components of Your VPN Gateway

Package Content

The WireSock VPN Gateway package includes two fundamental components:


A versatile Internet/LAN connection sharing service that works with the Windows Packet Filter driver, supporting:

  • Network Address Translation (NAT): A sophisticated version of Internet Gateway, offering a similar experience to Windows Internet Connection Sharing (ICS).
  • Transparent TCP/UDP proxy (default): Filters the WireGuard server network interface (typically named wiresock) and redirects TCP/UDP connections from WireGuard clients to local proxies for network resource access. It also utilizes the system’s active HTTP/SOCKSv5 proxy settings for outgoing connections.

DNS Handling

By default, DNS queries are forwarded to local DNS servers to expedite resolution. To set preferred DNS servers, use the -dns parameter followed by your chosen DNS server addresses. Absent any DNS configuration, and serve as the fallbacks.

Mode Selection

The service is set to proxy mode upon installation, but you can switch to NAT mode with the commands listed in the Other Useful Commands section.

Protocol Support

It’s important to note that the proxy mode supports only TCP and UDP protocols. ICMP is not supported, which means that clients will not be able to use ping to reach external IP addresses.


A console-based tool designed for comprehensive WireGuard server and client management. It allows for the generation of WireGuard configurations, managing server tunnels, adding peers, and much more. The wg-quick-config source code is openly available on GitHub for community insight and contributions.

Utilizing these components and commands empowers you to tailor your WireSock VPN Gateway to meet the unique demands of your network infrastructure.