Skip to main content

User Experience

Protocol:

Nekotopia Technical Specifications

Protocol

VPN ProtocolWireGuard (primary)
Config DeliveryDownload .conf file from dashboard, import into any WireGuard onlyclient
Endpoint193.143.16.14:13230 (MikroTik router)
EncryptionCurve25519 (key exchange), ChaCha20 (symmetric), Poly1305 (authentication)

IPsec and PPP options areexist in the developmentcodebase pipeline) Config delivery: Pre-scripted configuration for download Endpoint: AWS EC2 Encryption: Standardbut WireGuard (Curve25519,is ChaCha20,the Poly1305)recommended and supported protocol.

IP Addressing by Tier

Tier Private IP Range Public IP Internet Access
Torus Basic 10.254.16.96/288.0.x or 10.8.1.x None No - mesh only
Torus Standard 10.254.16.128/258.x.x Shared NAT Yes - outbound only
Torus Pro 10.254.16.64/28x Dedicated Public IP193.143.16.x Yes - inbound & outbound

Pro IP Mapping

Your private IP 10.254.16.X maps 1:1 to public IP 193.143.16.X via NAT on the MikroTik. If your torus address is 10.254.16.42, your public IP is 193.143.16.42.

User Dashboard

Controls

VPN Management:

Management

  • View active VPN connections and status
  • Download WireGuard config files
  • Request new VPN connections
  • See assigned IP addresses

Firewall/

Firewall & Access Controls (for Pro users):

only)

  • toggle -
  • toggle -
  • - beincreased)
    ControlDescription
    Full Mesh Allow/deny traffic to/from other Torus members
    Public Inbound Allow/deny inbound connections from the internet to your public IP
    Bandwidth limitLimit Configurable rate limit (default 512 Kbps, canadjustable)

    DNS Hostnames (Pro only):

    • Create up to 5 custom hostnames like(e.g., yourname.torus.nekotopia.io)
    • Points A record points to your public IP
    • Automatically creates PTR (reverse DNS) record created automatically
    • Add/remove hostnames from the dashboard

    **Profile:

    Profile

    • Update name,name and email
    • Change password

    Network Configuration

    SettingValue
    DNS Server10.254.16.1 (pushed via VPN)
    Default Route0.0.0.0/0 through VPN (Standard/Pro)
    Split TunnelPossible by modifying AllowedIPs in config
    Keepalive25 seconds (standard for NAT traversal)

    What You Can Host (Pro tier)

    With a dedicated public IP and inbound access enabled, you can run publicly-accessible services on any port:

    • Web servers (HTTP/HTTPS)
    • Game servers
    • SSH access
    • Mail servers (reverse DNS included)
    • Anything else that listens on a port

    The automatic PTR record makes Pro accounts suitable for running mail servers without deliverability issues.

Back to top