Hosted wireguard on my VPS, but when I am in school wifi with the VPN enabled, I still can’t reach websites. The ones not blocked by the school wifi can’t be reached, and the ones blocked even more so, but in home internet the vpn works fine.
I am suspecting that the connection to wireguard is somehow blocked? What is an alternative that won’t be filtered?
When I go to NCSU for an event, their network seems to only allow certain well-known ports out.
Have you tried hosting your wireguard VPN on a different port, say 80 or 443 for TCP or 53 for UDP? It may take some trial and error to find a port that’s allowed by the university and your home Internet provider.
If you use the mobile apps of wireguard watch out for the received and sent packet info. If you don’t get received packets, you school likely blocks outgoing UDP/51280. You can try using another UDP port. It is unlikely that they have deep packet inspection to identify VPN connections.
You could try UDP/53 to simulate DNS or UDP/123 for NTP. Maybe you get lucky.
In my school only allows Port 80/443 TCP ONLY so i use sslh in docker and openvpn
Try v2ray with WS+TLS transport. Not a VPN, a proxy, to be exact, but it should satisfy your needs.
Tailscale would be my choice since it provides the option for exit node and udp punching. Could also try Zerotier or make n ssh tunnel or I would feel safe to say n L2TP might not be blocked. Also as mentioned using 443 should get you through.
Setup a dummy box in the DMZ that doesn’t block any ports on your home network. Port scan from your laptop at school to the home address and find the source/destination pair that isn’t blocked. Input said ports, enjoy.
Otherwise, you can setup something like guacamole and use a web browser to connect to it, then remote (ssh, rdp, whatever) into whatever box at home, enjoy doing whatever from a box sitting on your network.
Schools will usually block most or all ports other than 53/80/443, and further restrict those ports to intended traffic only using DPI, with maybe a few other whitelist rules for other traffic/ports where needed.
10-15 years ago things were typically less locked down, nowadays school sysadmins are generally more on top of things.
Try Portquiz for tcp ports
This could be of use depending on your application: https://github.com/jpillora/chisel
What about Tailscale? Does it punch through?
Make your WireGuard listen on 443/tcp. It works everywhere
It could be an IP collision as well.
Same thing. Tailscale works fine for me.
TCP over dns usually works. It’s slow but it works if you NEED it
Try running your Wireguard server to listen on port 443. If your school blocks it then, I suggest trying OpenVPN TCP running with obfs4proxy listening on 443 (SSL). Obfs4proxy will prevent any deep packet inspection firewalls from filtering your VPN traffic. Let me know if you want more info.
Pulse VPN (allows two concurrent sessions without a paid enterprise license) and presents a web-based port 443 Remote Desktop. You’ll need to host a Linux VM somewhere. A very long way to get around a policy on someone else’s network 
but this is a way that will have a high chance of working, so long as your school doesn’t block “uncategorised” domains or direct access IP addresses. You will learn a helluva lot doing this whole setup and hosting a proper secure VPN. Bonus points if you set up 2FA with TOTPs in Pulse.
Try running openvpn on tcp 443. Won’t be as fast but it almost always works… personally I run pivpn and have WireGuard as option 1 and openvpn tcp 443 as option 2 for when it doesn’t work.
Use wireguard over shadowsocks
There’s a post with a whole bunch of this stuff here:
Also, try openvpn on udp port 22. Idk it might work, might not.