HA without public IP and wireguard

Hello,
I have Home Assistant Green installed. I don’t have a public IP address at home yet, so I set up a WireGuard VPN to my workplace, where there are several public IPs.
The WireGuard connection works fine — I can ping my HA Green’s VPN IP (10.0.128.12).

I’d like to use NGINX Proxy Manager to forward HTTPS requests from the public internet to my HA Green via the WireGuard VPN (10.0.128.12).

However, when I try to open the HA login page, I get a “Not Found” error.
If I set the destination IP to my HA Green’s local IP (in my home network — 192.168.0.230), the page loads successfully.

Is there a way to make WireGuard on my Home Assistant respond directly on its WireGuard interface IP 10.0.128.12 (using a PostUp / PreUp script), without routing the local private IP 192.168.0.230 of my HA Green through the VPN?.

image1036×590 32.5 KB

My current WireGuard configuration:
server:
host: 0.0.0.0
addresses:
- 10.0.128.11
dns:
- 1.1.1.1
mtu: 1400

peers:

• name: bberakVPN
  addresses:

  • 10.0.128.1/32
    allowed_ips:
  • 10.0.128.1/32

  client_allowed_ips:

  • 10.0.128.12/32
    public_key: oI0lMvdW3MkLHKbVvIh9dRgNKRQadGikMLKRYzrRfWQ=
    endpoint: cloud.bb.eu:50000
    persistent_keep_alive: 5

How did you do that if you don’t have a routable IP address at home?

image1036×590 37.4 KB

I don’t have a dedicated public IP address from my internet provider. My connection, like many other customers’, is shared behind a single public IP.

So you do have a public IP address it is just NATed. Most ISPs will move you off CGNAT if you just ask them. Would make things a lot simpler for you.

Unfortunately, that’s not possible in my case because my ISP uses CGNAT and doesn’t provide a public IP address.

Yes that is what I just said.

Have you actually tried asking them to give you a service without CGNAT?

That was all I had to do with my ISP. No extra cost.

If they won’t then change provider.