This is an old revision of the document!
Incomplete
http://wiki.mikrotik.com/wiki/Manual:IP/IPsec
https://help.mikrotik.com/docs/display/ROS/WireGuard
HowTo: https://forum.mikrotik.com/viewtopic.php?t=182340
Road Warrior HowTo: https://forum.mikrotik.com/viewtopic.php?p=899406
First we configure the admin
password:
Use Quick Set for basic router configuration:
Create the WireGuard VPN interface:
Define a WireGuard VPN peer:
Show a connected peer:
Add an IP address to the WireGuard interface:
Add a static route for remote IP subnet behind peer:
At this point, you should be able to ping devices to or from the subnets behind either router.
/interface wireguard add listen-port=51820 mtu=1420 name=wireguard1 /interface wireguard peers add allowed-address=172.16.2.1/32,192.168.50.0/24 comment=<server-site-name> \ endpoint-address=<server-public-ip> endpoint-port=51820 interface=wireguard1 \ persistent-keepalive=25s public-key="<server-public-key>" /ip route add disabled=no dst-address=192.168.50.0/24 gateway=wireguard1 routing-table=\ main suppress-hw-offload=no