I just installed Wireguard from the app store.
On my mobile device side, I installed wireguard and scanned the QR code I generated for a new client.
On the mobile side the Endpoint is umbrel.local and the application says it can’t resolve the DNS hostname.
I have tried with the IP that wget -qO- ifconfig.me gives me from the terminal on my umbrel home, but it doesn’t work either.
Could someone help me with this?
Thanks in advance
Same here. Also tried download the config file instead of qr. Used it as it was as well as with edited IP. Doesnt work and i find no manual/instructions on how to set this up. Help appreciated
On your mobile config replace umbrel.local with your public IP (of home network).
Don’t forget to open ports on router.
Ok. I tried but failed. I know how to upen ports for specific clients in my router settings (NAT forwarding → virtual server) but if i try the same way for the IP for my whole network its not accepted.
What is your endpoint configured as in the client?
Mask half the ip for privacy but what port does it say on endpoint?
What does this mean?
Just put the port forward to your umbrel device. The umbrel device will do the routing to the rest of your network.
The port is 51821
Aha, to the Umbrel device, when you said “public IP of home network” i thought you referred to exactly that - so i checked my ip at “checkmyip” and used that.
However, i also tried to use the ip for my Umbrel device and had no success there either…
I also noticed that there is an adress under the client name in the Wireguard interface im Umbrel. Its possible to configure, is this something to consider here? (Its the same adress that appear under “adress” in the config file)
I have now opened the port for my Umbrel device, put that Ip and port at the end of the config file, (endpoint) … imported the file to wireguard in my phone and activate. But when i go to checkmyip it shows my original Ip so dont appear to be behind VPN…
This worked for me:
- Scan the qr code for a new connection on the wireguard app at umbrel.
- Go to router and open a port. The specified on the endpoint at the configuration of the wireguard connection on the phone (the specified IP address must be the local one of your umbrel home)
3.Open a ssh connection to the umbrel home and type " wget -qO- ifconfig.me ". Hit enter and copy the shown IP address. - Change the " umbrel.local " part for the copied IP address on the wireguard configuration. Save and start.
That’s all. Hope it works for you too.
I might have misunderstood the whole purpose of this WG application. Following the setup you suggest just makes the ip for my phone the same as my home network when going to “checkmyip”… not anonymous. Is the purpose of this to provide a secure way to access our Umbrel device from outside the home network (much like Tailgate) or is it anonymous internet like a general VPN. If the latter im doing something wrong…
WireGuard can be used in two main ways. To secure remote access, and for anonymous internet access.
It securely connects your device to your home network, allowing you to access home devices as if you were on your home Wi-Fi. In this mode, your IP address will appear as your home network’s IP. This is the case on umbrel since the server is in it.
And when configured with a VPN server, it routes your internet traffic through that server, masking your original IP address and providing anonymity. To browse the internet anonymously, connect to a VPN server designed for that purpose, not just your home network.
Thanks. As per the second use (anonymous internet) i already have a paid Wireguard tunnel that my ISP offer. That was the only use i imagined it had so when the app appeared on Umbrel i figured i could set that up and use instead of the paid service.
So, does that mean i can use the Umbrel app im conjunction rather than as a replacement to the paid service i have? And if so, how do you set that up?
Below are the steps that worked for me in a home LAN environment behind a NAT router to get wireguard working. After installing wireguard and creating new client.conf files, this line “endpoint = umbrel.local:58120” in the [Peer] section would not resolve from client apps outside the LAN and Router since umbrel.local is only for internal LAN use. One should create a client.conf file and check this endpoint line and note the port.
Step 1: In the router, I forwarded that UDP port noted above to the internal LAN ip of the umbrel machine running wireguard.
Step 2: SSH into umbrel and go to /home/umbrel/umbrel/app-data/wireguard folder and edit the docker-compose file with: sudo nano docker-compose.yml Change the line WG_HOST: umbrel.local to point to your public external router ip like this WG_HOST: <external.public.ip.routeraddress> [or if you have domain name connected to your external public router IP address you may use <my.domain.name> instead of ].
Double check the app: ports: portnumber in docker-compose.yml and make sure this is the port forwarded on your router to the internal LAN ip of umbrel machine.
To test changes after reboot of umbrel, use wireguard to create another client.conf file and look at the [Peer] “endpoint =” line again. It should now be endpoint = your.routers.ip.address:portforwardedonrouter or my.domain.name:portforwarded. Once these wireguard client.conf files and qr codes are imported into client apps, they should connect with the correct endpoint.