First of all: This is not strictly a DIETPI issue. My past experience is just, that here are highly skilled IT People and i hope im getting some hints/help, where the issues is. BUT i dont not expect any help. thanks for reading:
So i have following setup:
Router: Asus RT-AX86U
→ This has a Wireguard Server Function. So you can run a Wireguard Server out of the box.
Client: Amazon Fire TV 4K Max
I using the latest available .apk from the wireguard website. It links to the f-droid store and i used Version 1.0.20220516 (492)
So what i did until now:
- I went to my asus router page, and used the Wireguard VPN Server Tab to create .conf files to connect with my client to the wireguard server.
- First i tested a .conf file with my iphone and it worked perfectly. icould import the .conf file in the official wireguard client for iOS
- than i created another .conf files designated for the fire tv stick 4k MAX.
- I installed via f-droid and the Downloader app the wireguard client apk.
→ During Import of the .conf file i get the error:
Unable to import tunnel: Unknown section in Config
Here a screenshot: Bild-2023-01-24-112158883 hosted at ImgBB — ImgBB
That is in the .conf file:
For me that looks all normal? I ofc deleted my keys for privacy reasons.
What is my issue and can it get fixed? Online it seems that many people report, that using wireguard with a fire tv device works.
I tested it on a second device: Fire TV Cube (2nd Gen) and got the same error
Maybe it’s a hidden character like blank or tab which is in the config file. You may check this an remove carriage returns, blanks etc.
This could be a reason. Maybe the parser is a bit piggy…
first of all thank you for your feedback!
The Problem is, that i just have this vanilla file from my asus router. i do not have a comparison file, which i know how the structure etc should be.
Is there some examples? The wireguard website did not provide such a thing
the file looking good. We basically have the same file on plain Wiregaurd install
Address = 10.9.0.2/24
PrivateKey = Yxxx=
# Comment the following to preserve the clients default DNS server, or force a desired one.
DNS = 10.9.0.1
# Kill switch: Uncomment the following, if the client should stop any network traffic, when disconnected from the VPN server
# NB: This requires "iptables" to be installed, thus will most likely not work on mobile phones.
#PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
#PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
PublicKey = Dxxx=
# Tunnel all network traffic through the VPN:
# AllowedIPs = 0.0.0.0/0, ::/0
# Tunnel access to server-side local network only:
# AllowedIPs = 192.168.0.0/24
# Tunnel access to VPN server only:
# AllowedIPs = 192.168.0.11/32
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = your.ddns.com:51820
# Uncomment the following, if you're behind a NAT and want the connection to be kept alive.
#PersistentKeepalive = 25