AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Wireguard routeros9/1/2023 ![]() ![]() ![]() interface wireguard add name=wireguard-clientĪdd allowed-address=192.168.100.2/24,N.M.0.0/16 endpoint-address= endpoint-port=12345 interface=wireguard-client public-key="Server Public Key=" (It actually does this even if you specify an endpoint IP, the endpoint IP is just what it will try in the first instance)Ĭode: Select all # jun/19/2021 23:09:37 by RouterOS 7.1beta6 The remote peer will either need your networks you want to be reachable behind your routerOS device it's allowedIP's or you'll need a NAT rule in the firewall on the router to make any traffic appear to have come from the router itself.Īlso if you are planning to route 0.0.0.0/0 down wireguard you also need either a static route for the IP of the wireguard server or to use a different routing table for the tunneled traffic as you need to route the traffic for wireguard itself outside of the tunnel.īy the way you don't need to specify the IP/Port for the client side in the server side if you don't want to (Handy for Dynamic IP's), if Wireguard receives a packet with the correct encryption it will just respond to whichever IP:Port the packet came from. ![]() However wireguard on routerOS doesn't automatically add routes so you will need to add any routes for remote networks you want to reach via wireguard. You add the remote wireguard peer in exactly the same way you would if it was a client connecting into the router. ![]()
0 Comments
Read More
Leave a Reply. |