WireGuard, who doesn’t want my server

Roadwarrior is my friend… is he?

A small scenario: while setting up WireGuard for my infra (a KVM server in my living room connected via a VPN), I had initially opted for IPsec via a large supplier, in order to have a fixed IP and a reverse DNS for the mails. BUT!!! As it was messing up all the time, I talked about it to a network admin friend, who just asked me (with a look that says a lot about my cretinism) why not take a VPS and use WireGuard, which is simpler, faster, secure, implemented in the new Linux kernels and which can bypass some firewalls… (there, my curiosity was piqued).
After a quick install by mixing two tutorials (the jasper blog and this article on lipidity.com), I type the command wg and everything goes well, except that, as in all my tests, I do not read the whole doc, and that is, as always, where the problems begin.

After a while, the connection drops… don’t panic, I set up a crontab that will ping the server every time I connect to the… ERROR, BAD BAD BAD!

A much simpler solution is there, hidden in the doc:

In the client’s config, simply place the following line under the Endpoint line:

PersistentKeepalive = 25

As with IPsec, PersistentKeepalive will send a keepalive packet every 25 seconds.
This allows my servers to stay connected behind the NAT of my frontend. TADAM <= victory noise
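To check a config for the mistake described above, here is an added example (not from the original post or the WireGuard project) that lists every [Peer] with an Endpoint but no active PersistentKeepalive. The hostnames, addresses and placeholder keys in the sample are constructed; per wg(8), an unset value, 0 and "off" all mean disabled.

```python
# Added example: flag [Peer] sections that dial out to an Endpoint but have
# no active PersistentKeepalive. The sample config below is constructed.

SAMPLE_CONF = """\
[Interface]
PrivateKey = <client-private-key>
Address = 10.0.0.2/24

[Peer]
PublicKey = <vps-public-key>
Endpoint = vps.example.net:51820
AllowedIPs = 10.0.0.0/24
PersistentKeepalive = 25

[Peer]
PublicKey = <second-peer-public-key>
Endpoint = backup.example.net:51820
AllowedIPs = 10.0.1.0/24
"""


def parse_peers(conf_text):
    """Return one dict per [Peer] section, with lower-cased keys."""
    # configparser is avoided: wg configs repeat the [Peer] section name.
    peers, current = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            current = {} if line[1:-1].strip().lower() == "peer" else None
            if current is not None:
                peers.append(current)
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)  # base64 keys may end in "="
            current[key.strip().lower()] = value.strip()
    return peers


def keepalive_seconds(peer):
    """Interval in seconds; 0 when unset, '0' or 'off' (all mean disabled)."""
    value = peer.get("persistentkeepalive", "off").lower()
    return int(value) if value.isdigit() else 0


def peers_missing_keepalive(conf_text):
    """Public keys of peers that have an Endpoint but no keepalive."""
    return [p.get("publickey", "?") for p in parse_peers(conf_text)
            if "endpoint" in p and keepalive_seconds(p) == 0]
```

Peers without an Endpoint are skipped on purpose: the side that sits behind NAT is the one that has to keep the mapping open.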