How to configure Wireguard in LibreElec 9.2.6

  • I am trying to configure my VPN in LibreELEC using WireGuard. I am currently using the Xeovo VPN service. They train me the Wireguard configuration as follows:

    Code
    [Interface]
    Address = 10.128.XX.XXX
    PrivateKey = [PrivateKey]
    DNS = 10.128.0.1
    
    [Peer]
    PublicKey = [PublicKey]
    AllowedIPs = 0.0.0.0/0
    Endpoint = fr.gw.xeovo.com:51820

    Generally, with any Wireguard client adding this configuration it works fine. I have seen in the LibreELEC documentation that it should be added as follows: WireGuard - LibreELEC.wiki. I tried to add the following configuration but it doesn't work:

    I have tried several configurations. Using the DNS offered by Xeovo, changing the domain for the IP in Host . But it doesn't work.

    I try to run connmanctl services to see if it detects the configuration and does not appear.

    I have even tried to configure a Wireguard in local and it seems to detect it.

    Previously also provided with some IP and does not seem to work. According to the documentation, they say that Wireguard's tunnels are managed by a service called ConnMan VPN plugin (connman-vpn.service), I see in the logs the following error:

    Code
    Jan 18 16:49:05 LibreELEC connman-vpnd[278]: Config file /storage/.config/wireguard/xeovo.config does not contain any configuration that can be provisioned!

    Do I have to put in WireGuard.PrivateKey and WireGuard.PublicKey the data that Xeovo sends me? Or should I create my PublicKey?

    Could someone tell me what I'm doing wrong? /shrug

    Regards,

    T3rr0rz0n3

  • Did you used our search function? Results for "Wireguard": Click!

    Of course I know the search function. That's why I decided to write, because I didn't find anything that could help me solve my problem. Thanks for the information. ;)

    Replace [Xeovo] with [provider_wireguard] and change fr.gw.xeovo.com to an IP address.

    Thank you for responding. I tried that too, actually this is the configuration I have:

    But it still doesn't work, connman-vpnd seems not to detect my configuration :/ I even tried 8.8.8 or 1.1.1.1 in WireGuard.DNS

    Regards,
    T3rr0rz0n3

  • Thanks elonesna! But I understand that this is to use Raspberry Pi as a WireGuard server, right? I would need to set up an external VPN server.

    This tutorial is for Raspberry Pi and any other device that uses LibreELEC or CoreELEC. It has two parts: (1) How to create and launch a WireGuard server, and (2) how to create and launch a WireGuard client.

    If you already have a WireGuard server then you will only need a WireGuard client. If you want to create a network of connected devices then some of them will need to be the server and the rest the clients.

    If you don't know what a VPN server or VPN client is, then you have to study a bit first.

  • This tutorial is for Raspberry Pi and any other device that uses LibreELEC or CoreELEC. It has two parts: (1) How to create and launch a WireGuard server, and (2) how to create and launch a WireGuard client.

    If you already have a WireGuard server then you will only need a WireGuard client. If you want to create a network of connected devices then some of them will need to be the server and the rest the clients.

    If you don't know what a VPN server or VPN client is, then you have to study a bit first.

    As I mentioned in my first message, I tried to configure WireGuard in LibreElec and that configuration works fine. It doesn't make sense to have a local VPN, mostly because you'll leave with the IP of your router.

    Your tutorial surely works, but it has nothing to do with what I need to do. I only need to do the second part, but with an external VPN. That is, reproduce what you explain in real life. A "local" VPN is useless.

    Any ideas? What's wrong with my configuration?

    Regards,
    T3rr0rz0n3

  • When there would be an option to use fqdn instead of an IP address? In my country, the IPs are changing every week and its awful!

    If you think that WireGuard is very complicated (it really is not, although it needs the opening of router ports from the WG server network and also allows the use of DDNS in the WG clients (1) replacing the IP address) you can also try ZeroTier. The latter does not need to declare any public IP or open ports on any router.

    (1) Example: myddns.duckdns.org, and you need to update the IP address of the DDNS (I do this in /storage/.config/autostart.sh of the WG server (Example: wget -qO- "$@" "https://duckdns.org/update/<myddns>/<myduckdns-token>" > /dev/null 2>&1).

    Edited once, last by elonesna (July 5, 2021 at 8:20 PM).