Wiregaurd VPN no longer accessing BI

[pbc]

I think I'm having a WG issue, not a BI, issue, and for the life of me can't figure it out so wondering if anyone can think of some ideas...

A few years ago I installed WG on my RPi 4 so that I could create a VPN to log into BlueIris from my mobile phone when away to view my security cameras. I never set up a DDNS address, simply used whatever my most current ISP address was. I then set up a reboot of my RPi every night. For over a year I haven't had any issues, but in the last week or so I have not been able to connect to my WG VPN.

I have tried removing my tunnel and adding a new one via the QR method. Have rebooted several times. Double checked that my router/port settings had not changed.

I then figured maybe it was something to do with the fact that my ISP changed the IPv4 address and thought I'd try and use my NoIP account.

So I used this guide to set it up:

How To: Setup Raspberry Pi with PiVPN, WireGuard and NoIP.com : Joshua Lowcock

Everything seemed to go swimmingly and I didn't get any error messages (and checked the trouble shooting part, and again everything seemed to be okay at the server end).

But I still am unable to connect to BI. I can connect when I'm at home via wifi, but turning off wifi and connecting via WG VPN and I get a connection timeout/error when I try to get to BI. I'm fairly certain it is a WG issue, as I also am unable to get internet access through WG and can't connect to any of my internal IP's.

Everything seemed to work swimmingly until maybe a week or two ago.

Just looking to see if anyone has an idea of what I can check here?

 

[Mike A.]

Start from the top and work down. First, check to see that you're making the connection to your network. You can look at the log in WireGuard and/or try to access something else within your network. If you're not getting that far, then you're not going to get to BI.

 

[pbc]

Start from the top and work down. First, check to see that you're making the connection to your network. You can look at the log in WireGuard and/or try to access something else within your network. If you're not getting that far, then you're not going to get to BI.

Correct, I'm not getting into anything, so I'm assuming it's a WG or Router/firewall issue, but can't figure it out.

 

[Mike A.]

In the log do you see that you're hitting your host IP or not? Is it finding your IP/host but failing connection?

 

[pbc]

The handshake does not complete.

 

[Mike A.]

OK, so you're getting there. Is there a specific error showing in the log? Under Settings, View Log. You should also have some log on the server side but I don't run on the Pi so not sure where to tell you to look.

 

[pbc]

In the Wiregaurd log on my phone, when I connect to the tunnel is says "Tunnel is now connected".

But when I try and access anything via the tunnel, it gives me the handshake error: [NET] peer(ltej...9rRo)

 

[Mike A.]

When you killed the tunnel did you check that the firewall rules didn't change and you still have a valid path through?

Did you set up on the client side again too after killing it on the server side? I haven't used the QR code setup and don't recall whether that pulls in the cert on the client side. If they were mismatched then that might account for the error.

Might be easier to just kill it off completely on both sides and set up from scratch again.

 

[pbc]

Ended up doing just that, reinstalling and going through everything in the link I posted above. Finally working again.