Help with WireGuard Setup for Home Assistant and Campervan Network

Installation Home Assistant OS
,
1

Hi everyone,

I’ve got Home Assistant running on a Raspberry Pi 3B with HAOS on my home network. I also have a Teltonika RUT955 4G router in my campervan. Here’s what I’ve set up so far:

  1. WireGuard Installation:
  • I’ve installed WireGuard on both the campervan router and Home Assistant (using the WireGuard add-on).
  • I’ve also installed the WireGuard app on my phone, allowing me to connect to both my home network (Home Assistant) and the campervan router.
  • I’ve set up port forwarding on my home network for my home assistant/rpi IP and port 51820.
  1. What Works:
  • I’ve configured static IP routes on the campervan router, so I can ping any device on the campervan network from my phone.
  • I can also ping Home Assistant (on my home network) from the campervan router.
  1. The Problem:
  • I can’t ping the campervan network from within Home Assistant.
  • This means that integrations on Home Assistant (e.g., Modbus) can’t communicate with the campervan router to pull data.
  1. My Solution:
  • I installed the WireGuard Client add-on alongside the main WireGuard add-on on Home Assistant.
  • Now Home Assistant is connected as a peer, and I can communicate from my integrations to the campervan router successfully.

Questions:

  1. Is it okay to run both the WireGuard Server and WireGuard Client add-ons on Home Assistant at the same time? They are both using port 51820.
  2. Is there a way to configure the main WireGuard add-on so Home Assistant acts as a peer, enabling integrations to communicate with other WireGuard peers?
  3. My home router (Eero) doesn’t support static IP routes. Does this affect anything I’m trying to achieve?

Below are my configuration files for reference. Any advice or feedback would be greatly appreciated!

Main WireGuard Add-on Config (Server on Home Network HAOS):

server:
  host: myhouse.duckdns.org
  addresses:
    - 10.10.10.1
  dns:
    - 8.8.8.8
    - 8.8.4.4
peers:
  - name: jacksphone
    addresses:
      - 10.10.10.2
    allowed_ips: []
    client_allowed_ips:
      - 192.168.4.0/24
      - 192.168.5.0/24
  - name: campervan
    addresses:
      - 10.10.10.4
    allowed_ips:
      - 10.10.10.4
      - 192.168.5.0/24
    client_allowed_ips:
      - 10.10.10.0/24
      - 192.168.4.0/24
  - name: jacksmac
    addresses:
      - 10.10.10.5
    allowed_ips: []
    client_allowed_ips:
      - 192.168.4.40
  - name: homeassistant
    addresses:
      - 10.10.10.6
    allowed_ips: []
    client_allowed_ips:
      - 192.168.5.0/24

WireGuard Client Add-on Config (Client on Home Network HAOS):

interface:
  private_key: KEY_HERE
  address: 10.10.10.6/24
  dns:
    - 8.8.8.8
    - 8.8.4.4
  post_up: >-
    iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE; iptables -A FORWARD -p
    tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
  post_down: >-
    iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE; iptables -D FORWARD -p
    tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
  mtu: 1420
peers:
  - public_key: KEY_HERE
    pre_shared_key: ""
    endpoint: myhouse.duckdns.org:51820
    allowed_ips:
      - 192.168.5.0/24
    persistent_keep_alive: "25"

Campervan WireGuard Config:

[Interface]
PrivateKey = KEY_HERE
Address = 10.10.10.4/24
DNS = 8.8.8.8, 8.8.4.4

[Peer]
PublicKey = KEY_HERE
Endpoint = myhouse.duckdns.org:51820
AllowedIPs = 10.10.10.0/24, 192.168.4.0/24
PersistentKeepalive = 25

Thanks in advance for your help!