govpn.go     |  8 +++++---
 handshake.go | 16 ++++++++++++----

diff --git a/govpn.go b/govpn.go
index c0f762a9fc3796d270123cc5c611f2ffe8a069df..de54a2f5617fc2b5042e43fddedfd3297cb2f033 100644
--- a/govpn.go
+++ b/govpn.go
@@ -46,6 +46,7 @@ 	keyPath    = flag.String("key", "", "Path to authentication key file")
 	upPath     = flag.String("up", "", "Path to up-script")
 	downPath   = flag.String("down", "", "Path to down-script")
 	mtu        = flag.Int("mtu", 1500, "MTU")
+	nonceDiff  = flag.Int("noncediff", 1, "Allow nonce difference")
 	timeoutP   = flag.Int("timeout", 60, "Timeout seconds")
 	verboseP   = flag.Bool("v", false, "Increase verbosity")
 )
@@ -94,6 +95,7 @@ func main() {
 	flag.Parse()
 	timeout := *timeoutP
 	verbose := *verboseP
+	noncediff := uint64(*nonceDiff)
 	log.SetFlags(log.Ldate | log.Lmicroseconds | log.Lshortfile)
 
 	// Key decoding
@@ -244,14 +246,14 @@ 					if !exists {
 						state = &Handshake{addr: udpPkt.addr}
 						states[addr] = state
 					}
-					p = state.Server(conn, key, udpPktData)
+					p = state.Server(noncediff, conn, key, udpPktData)
 				} else {
 					if !exists {
 						fmt.Print("[HS?]")
 						udpSinkReady <- true
 						continue
 					}
-					p = state.Client(conn, key, udpPktData)
+					p = state.Client(noncediff, conn, key, udpPktData)
 				}
 				if p != nil {
 					fmt.Print("[HS-OK]")
@@ -269,7 +271,7 @@ 				udpSinkReady <- true
 				continue
 			}
 			nonceRecv, _ := binary.Uvarint(udpPktData[:8])
-			if peer.nonceRecv >= nonceRecv {
+			if nonceRecv < peer.nonceRecv-noncediff {
 				fmt.Print("R")
 				udpSinkReady <- true
 				continue
diff --git a/handshake.go b/handshake.go
index 697e75c50170a7a48a65e5eaf660fce81ffcd3e1..8cac69d8f8954965787a33de0c32b6a95b6e7f74 100644
--- a/handshake.go
+++ b/handshake.go
@@ -112,7 +112,7 @@ 	}
 	return &state
 }
 
-func (h *Handshake) Server(conn *net.UDPConn, key *[32]byte, data []byte) *Peer {
+func (h *Handshake) Server(noncediff uint64, conn *net.UDPConn, key *[32]byte, data []byte) *Peer {
 	switch len(data) {
 	case 56: // R + ENC(PSK, dh_client_pub) + NULLs
 		fmt.Print("[HS1]")
@@ -180,7 +180,11 @@ 			panic(err)
 		}
 
 		// Switch peer
-		peer := Peer{addr: h.addr, nonceOur: 0, nonceRecv: 0}
+		peer := Peer{
+			addr: h.addr,
+			nonceOur: noncediff + 0,
+			nonceRecv: noncediff + 0,
+		}
 		peer.key = KeyFromSecrets(h.sServer[:], decRs[8+8:])
 		fmt.Print("[OK]")
 		return &peer
@@ -190,7 +194,7 @@ 	}
 	return nil
 }
 
-func (h *Handshake) Client(conn *net.UDPConn, key *[32]byte, data []byte) *Peer {
+func (h *Handshake) Client(noncediff uint64, conn *net.UDPConn, key *[32]byte, data []byte) *Peer {
 	switch len(data) {
 	case 88: // ENC(PSK, dh_server_pub) + ENC(K, RS + SS) + NULLs
 		fmt.Print("[HS2]")
@@ -247,7 +251,11 @@ 			return nil
 		}
 
 		// Switch peer
-		peer := Peer{addr: h.addr, nonceOur: 1, nonceRecv: 0}
+		peer := Peer{
+			addr: h.addr,
+			nonceOur: noncediff + 1,
+			nonceRecv: noncediff + 0,
+		}
 		peer.key = KeyFromSecrets(h.sServer[:], h.sClient[:])
 		fmt.Print("[OK]")
 		return &peer