Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » networking » router » mikrotik_vpn_wg
Trace: mikrotik_troubleshoot
networking:router:mikrotik_vpn_wg

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
networking:router:mikrotik_vpn_wg [2023/07/02 10:50]
gcooper 		networking:router:mikrotik_vpn_wg [2023/07/10 10:36] (current)
gcooper
Line 12: Line 12:
  
 **Road Warrior HowTo**: https://forum.mikrotik.com/viewtopic.php?p=899406 **Road Warrior HowTo**: https://forum.mikrotik.com/viewtopic.php?p=899406
 +
 +**Why WireGuard?**: https://restoreprivacy.com/vpn/wireguard-vs-openvpn/
 +
 +**Enable/Disable Peer by Comment**: https://techoverflow.net/2022/04/18/how-to-enable-disable-wireguard-peer-by-comment-on-mikrotik/
  
 <note tip>Note that **Windows workstations do not respond to pings by default**, but will if you temporarily disable the firewall.  Don't forget to turn it back on when you are done testing!</note> <note tip>Note that **Windows workstations do not respond to pings by default**, but will if you temporarily disable the firewall.  Don't forget to turn it back on when you are done testing!</note>
Line 33: Line 37:
  
 # add a wireguard interface - name is arbitrary - select UDP listen port not blocked by all ISPs # add a wireguard interface - name is arbitrary - select UDP listen port not blocked by all ISPs
-# only add/create once +/interface wireguard add comment="WireGuard VPN Endpoint" listen-port=51820 mtu=1420 name=wg0
-/interface wireguard add comment="VA - WireGuard VPN Endpoint" listen-port=51820 mtu=1420 name=wg0+
  
 # set the address of the wireguard interface - the address is arbitrary # set the address of the wireguard interface - the address is arbitrary
-# we use a /24 netmask to include all peers - name must match interface name above +# we use a /24 netmask with peer wireguard interfaces to be assigned address in 172.16.2.0/24 
-/ip address add address=172.16.2.1/24 comment="VA - Wireguard VPN Endpoint" interface=wg0 network=172.16.2.0+name must match interface name above 
 +/ip address add address=172.16.2.1/24 comment="Wireguard VPN Endpoint" interface=wg0 network=172.16.2.0
  
 # do the following for each remote site # do the following for each remote site
networking/router/mikrotik_vpn_wg.1688316635.txt.gz · Last modified: 2023/07/02 10:50 by gcooper

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki