You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/Wireguard.md
+4-2Lines changed: 4 additions & 2 deletions
Original file line number
Diff line number
Diff line change
@@ -2,10 +2,11 @@
2
2
3
3
!!! info "Wireguard VPN is not included in pre-compiled binaries. It requires to self-compile with `#define USE_WIREGUARD`"
4
4
5
+
!!! warning "You should never expose a Tasmota device directly over the Internet. Tasmota Web UI should **never** be exposed on a public IP. Wireguard can only be used when your Tasmota device is behind a router with NAT."
6
+
5
7
[WireGuard®](https://www.wireguard.com/) is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. This component uses a custom implementation not developed by original authors and currently available for ESP32, ESP8266 and BK72xx microcontrollers only. The Tasmota port of Wireguard is based on the works done on ESPHome and https://github.com/droscy/esp_wireguard.
6
8
7
-
!!! info
8
-
To successfully use this component you must have WireGuard® also on your remote host (already installed and ready to accept connections). If you don't have it please read the section Remote peer setup.
9
+
To successfully use this component you must have WireGuard® also on your remote host (already installed and ready to accept connections). If you don't have it please read the section Remote peer setup.
9
10
10
11
## Configuring Wireguard
11
12
@@ -80,6 +81,7 @@ This means that you have to tweak the `[Tasmota]/Netmask` parameter to "cover" a
80
81
81
82
Currantly Wireguard for Tasmota has the following limitations:
82
83
84
+
- Wireguard VPN is currenlty only tested over Wifi, it has not been tested yet over Ethernet nor dual Eth/Wifi connections.
83
85
- the `DNS` field is currently ignored; which means that DNS may fail if it uses a DNS relay on your local network that is not reachable by your VPN server
84
86
- you can connect only to **one** peer at a time. Alghough the underlying library could connect to multiple peers, `LwIP` used in Tasmota does not support static routes which would made routing to multiple peers not practical
85
87
- On ESP8266, when a VPN connection is enabled, the Web UI is not reachable anymore. This problem does not occur on ESP32.
0 commit comments