[TUN] [wg_server] No valid endpoint has been configured or discovered for peer 3 #25

Closed
sunnyd24 opened this issue Apr 11, 2023 · 7 comments

sunnyd24 commented Apr 11, 2023

Problem/Motivation

Cannot get a valid configuration that works with my wireguard server on windows

Expected behavior

To show Endpoint in Wireguard Server GUI, Tunnels tab under peer for HASSIO. Two other peers show valid endpoints which are mobile devices.

Actual behavior

Error message shown in Log tab of Wireguard Server GUI:
[TUN] [wg_server] No valid endpoint has been configured or discovered for peer 3

Steps to reproduce

see below for yaml

interface:
  private_key: (***removed***)
  address: 10.147.17.51
  dns:
    - 8.8.8.8
    - 1.1.1.1
  post_up: >-
    iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE; iptables -A FORWARD -p
    tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
  post_down: >-
    iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE; iptables -D FORWARD -p
    tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
  mtu: 1420
peers:
  - public_key: (***removed***)
    pre_shared_key: (***removed***)
    endpoint: example.hostname.com:60000
    allowed_ips:
      - 10.147.17.0/24
    persistent_keep_alive: "25"
log_level: debug

Network ports tried: 80, 8080, 51820, 60000 all show {} in web browser.

I suspect it is an issue as the wireguard server is internally connected with an IP address 192.168.1.50 listening on port 60000, and the HASS is running on a Hyper-V VM with an IP address 192.168.1.51.

@bigmoby bigmoby added the help wanted Extra attention is needed label Apr 12, 2023
Owner

bigmoby commented Apr 12, 2023

Hi @sunnyd24 I think it's not an add-on issue but a support question. Anyway, please check the allowed_ips and address fields are valid according to your server configuration, the port field too.

Author

sunnyd24 commented Apr 13, 2023

@bigmoby Probably correct on support, I am struggling with the config as I am missing something.

See attached for current network topology, I still can't figure out how to configure this HASS Wireguard Client (10.10.0.1) to connect to my Windows Wireguard Server at 10.

SD_network_Apr2023_v1

This is my current server config:

[Interface]
PrivateKey = eLIdwLSQCtxJEP3T+WLd9E+o4VedckoubuBpH2yyj1Y=
ListenPort = 60000
Address = 10.10.0.50/24

[Peer]
PublicKey = eLIdwLSQCtxJEP3T+WLd9E+o4VedckoubuBpH2yyj1Y=
PresharedKey = eLIdwLSQCtxJEP3T+WLd9E+o4VedckoubuBpH2yyj1Y=
AllowedIPs = 10.10.0.0/24

This is my current add-on yaml:

interface:
  private_key: eLIdwLSQCtxJEP3T+WLd9E+o4VedckoubuBpH2yyj1Y=
  address: 10.10.0.51
  dns:
    - 8.8.8.8
    - 1.1.1.1
  post_up: >-
    iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE; iptables -A FORWARD -p
    tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
  post_down: >-
    iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE; iptables -D FORWARD -p
    tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
  mtu: 1420
peers:
  - public_key: eLIdwLSQCtxJEP3T+WLd9E+o4VedckoubuBpH2yyj1Y=
    pre_shared_key: eLIdwLSQCtxJEP3T+WLd9E+o4VedckoubuBpH2yyj1Y=
    endpoint: example.hostname.com:60000
    allowed_ips:
      - 10.10.0.0/24
    persistent_keep_alive: "25"
log_level: debug

Any ideas on how to configure the yaml, as the above does not work?

Owner

bigmoby commented Apr 13, 2023

Please @sunnyd24 could you post here the server config too?
p.s.: please write a demo-string as public_/private_/pre_shared/key for both client and server configuration.

Author

sunnyd24 commented Apr 13, 2023

@bigmoby Sure, I have updated post above to add server config and demo-string used for all keys, shown as:
"eLIdwLSQCtxJEP3T+WLd9E+o4VedckoubuBpH2yyj1Y=".

Owner

bigmoby commented Apr 13, 2023

Mmm no, I mean demo-string each for any field according to server and peer...not the same string as a placeholder, it's not useful :-)

Author

sunnyd24 commented Apr 14, 2023

@bigmoby not sure I understand "demo-string".
Do you mean generate valid example keys for all three types you mentioned above?

Owner

bigmoby commented Jun 7, 2023

Hi @sunnyd24
please have a try with this config

[Interface]
PrivateKey = eLIdwLSQCtxJEP3T+WLd9E+o4VedckoubuBpH2yyj1Y=
ListenPort = 60000
Address = 10.10.0.50/24

[Peer]
PublicKey = eLIdwLSQCtxJEP3T+WLd9E+o4VedckoubuBpH2yyj1Y=
PresharedKey = eLIdwLSQCtxJEP3T+WLd9E+o4VedckoubuBpH2yyj1Y=
AllowedIPs = 10.10.0.51/32

In other words, you have to define the correct client IP for the peer.

@bigmoby bigmoby closed this as completed Jun 13, 2023
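
Added example, not part of the thread or the add-on's code: a small audit of a WireGuard server config that flags the pattern corrected above, a `[Peer]` whose `AllowedIPs` spans the whole tunnel subnet instead of the client's own /32. It assumes one `Address` per interface; the function names and placeholder keys are hypothetical, and the "covers the server's own address" check is a heuristic.

```python
import ipaddress

# Constructed sample: the server config from the thread, keys replaced by placeholders.
SERVER_CONF = """\
[Interface]
PrivateKey = <server-private-key>
ListenPort = 60000
Address = 10.10.0.50/24

[Peer]
PublicKey = <hass-public-key>
PresharedKey = <preshared-key>
AllowedIPs = 10.10.0.0/24
"""

def parse_wg(text):
    """Return (interface, [peers]); [Peer] repeats, so configparser cannot be used."""
    interface, peers, current = {}, [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("["):
            current = interface if line.lower() == "[interface]" else {}
            if current is not interface:
                peers.append(current)
        elif "=" in line and current is not None:
            key, _, value = line.partition("=")  # first "=" only: base64 keys end in "="
            current[key.strip().lower()] = value.strip()
    return interface, peers

def audit_peers(text, client_addr):
    """Return findings for a server config, given the client's tunnel address."""
    interface, peers = parse_wg(text)
    server_ip = ipaddress.ip_interface(interface["address"]).ip
    client_ip = ipaddress.ip_address(client_addr)
    findings, seen = [], []
    for n, peer in enumerate(peers, 1):
        for cidr in filter(None, (c.strip() for c in peer.get("allowedips", "").split(","))):
            net = ipaddress.ip_network(cidr, strict=False)
            if server_ip in net:
                findings.append(f"peer {n}: {net} covers the server's own address {server_ip}")
            findings += [f"peer {n}: {net} overlaps peer {m}'s {other}"
                         for m, other in seen if m != n and net.overlaps(other)]
            seen.append((n, net))
    if not any(client_ip in net for _, net in seen):
        findings.append(f"no peer allows client address {client_ip}")
    return findings

if __name__ == "__main__":
    for finding in audit_peers(SERVER_CONF, "10.10.0.51"):
        print(finding)
```

On the server, `AllowedIPs` is both the route to a peer and the filter on source addresses accepted from it, so a /24 on one peer overlaps every other peer's address in that subnet.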