Mosquitto allow local network access

Mosquitto just updated and broke all of my external connections. I can connect to it from the machine it is running on but not other machines on the local network.

from it’s log file:
1614361328: Starting in local only mode. Connections will only be possible from cl
ients running on this machine.
1614361328: Create a configuration file which defines a listener to allow remote a
1614361328: Opening ipv4 listen socket on port 1883.
1614361328: Opening ipv6 listen socket on port 1883.

I have not found the configuration setting for mosquitto to allow access from my local network.
to whit: “Create a configuration file which defines a listener to allow remote a

How do I turn off local only mode?

any pointers?

I got below from post on stack overflow

Starting with the release of Mosquitto version 2.0.0 (you are running v2.0.2) the default config will only bind to localhost as a move to a more secure default posture.

If you want to be able to access the broker from other machines you will need to explicitly edit the config files to either add a new listener that binds to the external IP address (or or add a bind entry for the default listener.

More details can be found in the 2.0 release notes here

listener 1883

in mosquitto.conf


I also had to add allow anonymous true to get it to work

listener 1883
allow_anonymous true

THANK You all

Different topics: You allow access by anyone from anywhere, i require valid username/password combinations.

I am currently trying to restrict mosquitto to the subnet but that is erroring out

listener 1883 does not work

Suggestions on how to limit mosquitto to a subnet?

next: I will have to reprogram all of my mqtt IOT devices to use a secure login.

1 Like

Looking through the mosquitto docs I don’t see a way to filter subnets. The closest thing I found was that you can use a config like

listener 1883
bind_interface eth0

And then use your firewall to set up rules about the traffic coming in on that port to limit it to the same subnet.

1 Like

Hello All, reading this to try and solve my issue and wondered if anyone could possibly help.

I have a sonoff s26 switch flashed with Tasmota and I’m trying to get it to connect to mosquitto over the LAN.

I set Listener as suggested and changed allow_anonymous true but the tasmota is still giving me an RC-2 error. I have two switches on different firmware and the other is giving me an RC -5 error which I’m guessing is the same issue.

17:10:57 MQT: Connect failed to, rc -2. Retry in 10 sec
17:06:21.246 MQT: Connect failed to, rc -2. Retry in 70 sec

Hopefully I’m being really thick and missing something obvious.


This is the mosquitto_config file that I changed the Listener.

You probably already figured it out, but have you tried adding an inbound rule to open port 1883 in the firewall settings?

I am trying to get Mosquitto exposed to my LAN, but cannot get it working. My HA runs ons HA-OS and I’ve added this config to a custom .conf file:

listener 1882
allow_anonymous true

In the logs I can see the listener is started, still the port is not reachable. Probably because an port exposure of the add-on Docker container is needed. Can anyone help?

Did you change the port by intend, because usually it’s 1883 for non-TLS MQTT?

I currently assemble a project to start an HA Container-based stack from scratch, incl. MQTT and Zigbee2MQTT. From the docker-compose file in my Github repository, here’s an excerpt to start Eclipse Mosquitto for anonymous access. The Mosquitto image comes with an appropriate configuration for this:

    command: "mosquitto -c /mosquitto-no-auth.conf"
    container_name: mosquitto
      - TZ
    image: eclipse-mosquitto:2.0
      - 1883
      - 9001
    restart: always
      - "./mosquitto-data:/mosquitto"

You would need to change the “expose” statement to a “ports” statement, if Home Assistant and Mosquitto are not on the same network.

If i change it to listener 1883 Mosquitto wont start with Error: Address already in use

You need to find out, what is running of port 1883. I guess another MQTT service, maybe from a HA Add-On.

There might be some bug with eclipse-mosquitto v2 … I tried all the suggestions from you but still did not manage to make it work (without allowing anonymous access).

So I decided to use mosquitto version 1.6 and it works! Here are my configs


    container_name: mqtt
    image: eclipse-mosquitto:1.6
      - /home/<user+path>/mosquitto/config:/config
      - /home/<user+path>/mosquitto/data:/data
      - /home/<user+path>/mosquitto/log:/log
      - /etc/localtime:/etc/localtime:ro
      - 1883:1883
      - 9001:9001


listener 1883
persistence true
persistence_location /mosquitto/data/
log_dest file /mosquitto/log/mosquitto.log
allow_anonymous false
password_file /mosquitto/config/passwd

Same issue here, tried all options but this solution works. Moving back to version 1.6

Same here. Just version 1.6 works fine

Can anybody tell me how to access the mosquitto.conf file please, I want to add the listener. I’m sure it’s simple but I’m lost. Thanks