I solved myself, I allow my ha private ip and now it works
Okey, I was struggling a lot to get this work. I could access my local devices. But had no Internet Connection.
This config is now working for me:
I’m running hass.io on a windows server with VirtualBox (network bridged mode)
My Router is an Apple Airport Extreme (don’t think it matters).
But what actually made this work was when I configured the DNS to use my default gateway ip.
server:
host: my.external.hostname
addresses:
- 10.10.10.1
dns:
- 192.168.1.1
peers:
- name: mypc
addresses:
- 10.10.10.2
allowed_ips: []
client_allowed_ips:
- 192.168.1.0/24
1 Like
Recently I changed my home router and ISP provider.
I configured again the redirected port but after some days my Windows client is not working but my Android client does. Any ideas what to check?
“Handshake did not complete after 5 seconds”
Hello every body.
I’m new in home-assistant forum and I don’t know how to use it very much. Let’s see if I can do it.
I have installed hassio in a rpi 4 and proxied my cloudflare domain through nginx proxy manager which in in another rpi 4. I installed wireguard and AdGuard in home assistant and configured this way
log_level: info
server:
host: ha.example.com (cloudflare domain)
addresses:
- 10.10.10.1
dns:
-172.30.32.1 (AdGuard)
peers:
- name: my iPhone
addresses:
- 10.10.10.2
allowed_ips: []
client_allowed_ips: []
The configuration works well because I can access my LAN when I type for example the local pi of nginx proxy manager. I can search the web to, but if I am with 4G my ip is not my home pi, instead is the ISP ip. Can someone tell me if it’s correct? I would like to config the VPN to use my home ip when I’m outside. Like comercial VPN.
Thank you
I have solved the problem. My cloudflare domain was proxied and it couldn’t find my home ip. Now works perfect
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing...
-----------------------------------------------------------
Add-on: WireGuard
Fast, modern, secure VPN tunnel
-----------------------------------------------------------
Add-on version: 0.3.2
You are running the latest version of this add-on.
System: null (armv7 / raspberrypi3)
Home Assistant Core: 0.114.4
Home Assistant Supervisor: 245
-----------------------------------------------------------
Please, share the above information when looking for help
or support in, e.g., GitHub, forums or the Discord chat.
-----------------------------------------------------------
[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing...
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] config.sh: executing...
[cont-init.d] config.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[00:18:25] INFO: Starting WireGuard...
[#] ip link add wg0 type wireguard
RTNETLINK answers: Not supported
[!] Missing WireGuard kernel module. Falling back to slow userspace implementation.
[#] wireguard-go wg0
WARNING WARNING WARNING WARNING WARNING WARNING WARNING
W G
W You are running this software on a Linux kernel, G
W which is probably unnecessary and misguided. This G
W is because the Linux kernel has built-in first G
W class support for WireGuard, and this support is G
W much more refined than this slower userspace G
W implementation. For more information on G
W installing the kernel module, please visit: G
W https://www.wireguard.com/install G
W G
WARNING WARNING WARNING WARNING WARNING WARNING WARNING
INFO: (wg0) 2020/10/03 00:18:25 Starting wireguard-go version 0.0.20200320
ERROR: (wg0) 2020/10/03 00:18:25 Failed to create TUN device: no such file or directory
Unable to access interface: Protocol not supported
[#] ip link delete dev wg0
Cannot find device "wg0"
[00:18:55] INFO: Requesting current status from WireGuard...
[00:19:25] INFO: Requesting current status from WireGuard...
I’m having issues getting Wireguard to work, it use to work just fine and then it stopped. I’ve tried reinstalling the addon but still having trouble. What am I doing wrong?
This is my configuration:
server:
host: #####.duckdns.org
addresses:
- 172.27.66.1
dns:
- 172.30.32.1
peers:
- name: iphone
addresses:
- 172.27.66.2
allowed_ips: []
client_allowed_ips: []
I‘m using exactly your config for the sensors. Till 0.116 it worked fine. Yesterday I upgraded to 0.117 and getting errors. I guess there is something wrong with the rest sensor.
Error fetching data: http://a0d7b954-wireguard failed with [Errno 111] Connect call failed (‘172.30.33.4’, 80)
Hi Friends!
I’m experiencing some troubles with this configuration. My Wireguard sensors seems to be on a flipflop state permanently.
Can someone share the full config? Im a newbe, and need some help!
Thank you all!
I tried to setup the same sensor and am having exactly the same issue. I would be interested if anyone has it working okay in the latest version of HA and if so can share any further details in their config.
1 Like
Hello @JoaoM
Can you send me your Configuration file please ?
I want an access on my local Network and than the internet goes through my phone network instead of VPN.
I wonder, why some tutorials about Wireguard are presented alongside Traefik or HAProxy?
What is the reason to use them at home?
For example, access to docker containers on homelab: Internet>Proxy>HomeAssistantContainer
instead Internet>HomeAssistant
Another example: Internet>Proxy>DockerContaineroftheService
Somewhere between HassOS 4.14 and 4.16, my wireguard setup stopped working. When I updated to version 4.17, it started working again. See HassOS 4.17 changes.
Guys, any idea how to transform following Wireguard config to Add-on config? I really struggle with different terminology and syntax.
I need HASS to connect as client, not to host a server.
[Interface]
PrivateKey = XXXXXXXXXX // Private key of THIS client
Address = 10.10.20.3/24 // Local IP client will get
DNS = 10.10.20.1
[Peer]
PublicKey = XXXXXXXXXXXXX // Public key of remote Wireguard server
AllowedIPs = 0.0.0.0/0
Endpoint = XX.XX.XX.XX:YYYY // Public IP of remote Wireguard server
Thanks!
2 Likes
Same issue here … are you using also DNSMasq?
WireGuard Configuration is below
server:
host: xxxyyy.duckdns.org
addresses:
- 10.10.10.1
dns: []
peers:
- name: myiphone6s
addresses:
- 10.10.10.2
allowed_ips: []
client_allowed_ips: []
log_level: debug
From the LOG I see that the tunnel is established, but no data transfer and no handshake.
I stopped DNSMasq as well, but without success …
Someone has any ideas how to mix this issue??
Dear community,
first of all thank you for your great support! I read the whole thread and multiple people addressed the following topic but no answer was provided yet.
I’m running the supervised version of Home Assistant and managed to connect a peer with the below config to my home network (192.168.179.0/24). I’m able to ping devices in the home network from the peer but additionally I need to access the peer from the home network.
Could you please help me to enhance my configuration to be able to ping the peer from my home network? I already added the IP route 192.168.169.0/24 to my Home Assist server (192.168.179.10) in the router (192.168.179.1). I tried to add an iptable entry on the host of the home assistant server but did not succeed.
server:
host: <myserver>.duckdns.org
addresses:
- 192.168.169.1
dns:
- 192.168.179.10
peers:
- name: Full
addresses:
- 192.168.169.2
allowed_ips: []
client_allowed_ips:
- 0.0.0.0/0
Todd, did you get your Wireguard install working?
I am attempting to install & configure and I get exactly the same log entries as you.
Thanks
Apologies in advance if I missed it from the 187 previous messages - can someone help me understanding the server.addresses configuration? The add-on documentation specifies the following:
It is strongly advised to create/use a separate IP address space from your home network, e.g., if your home network uses
192.168.1.xthen DO NOT use that for the add-on.
What is the intention behind using a different address space: is this for security reasons, or solely to avoid collisions with local DHCP, or something else that I might be missing?
If my network is 10.0.1.x, can I set server.addresses to 10.1.1.1 and expect no further issues?
This setting work fine by the way, but I’m trying to wrap my head around this specific to make sure I’m not missing anything, so any help appreciated - thanks!
I am running the latest of the supervisor and HA. I am also getting the errno 111 and my sensors are flipfloping as well. This seemed to start a few versions of HA ago, but I ignored it because wireguard continued to work. But, it is really annoying. I use the status to notify users that they are not on vpn when not at home.
Is this a docker config issue? The error is generated by not being able to connect to the container IP on port 80… If I look at the container for wireguard, it has this port configuration 0.0.0.0:51820 51820/udp, does that mean that port 80 is not getting into the container?
I may be way off, just asking.
Matt
Hi ALl,
Installed WireGuard on my HA (Docker) on Debian 10 64Bit. I read that I need to install wireguard on detain to let this add-on work. Install is done, reboot RPi to load everything correct.
root@hassio:/home/poudenes# apt install wireguard
Reading package lists... Done
Building dependency tree
Reading state information... Done
wireguard is already the newest version (1.0.20200827-1).
The following package was automatically installed and is no longer required:
lxplug-volume
Use 'sudo apt autoremove' to remove it.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
When I start my Add-On I get this error:
[10:22:02] INFO: Starting WireGuard...
[#] ip link add wg0 type wireguard
RTNETLINK answers: Not supported
[!] Missing WireGuard kernel module. Falling back to slow userspace implementation.
[#] wireguard-go wg0
WARNING WARNING WARNING WARNING WARNING WARNING WARNING
W G
W You are running this software on a Linux kernel, G
W which is probably unnecessary and misguided. This G
W is because the Linux kernel has built-in first G
W class support for WireGuard, and this support is G
INFO: (wg0) 2020/12/07 12:22:02 Starting wireguard-go version 0.0.20200320
ERROR: (wg0) 2020/12/07 12:22:02 Failed to create TUN device: no such file or directory
W much more refined than this slower userspace G
W implementation. For more information on G
W installing the kernel module, please visit: G
W https://www.wireguard.com/install G
W G
WARNING WARNING WARNING WARNING WARNING WARNING WARNING
Unable to access interface: Protocol not supported
[#] ip link delete dev wg0
Cannot find device "wg0"
I’m stuck now (also unknown knowledge of wireguard)
Can someone help me with this?
EDIT:
I did install this:
sudo apt-get install raspberrypi-kernel-headers
and now its working
Hallo @twproject,
I am also trying to do the same as you have described at your post from 1.8.20.
I also get a connection refused when I am execute the curl command.
How did you solved it?
Thanks, einzelband.