Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsLAN (ethernet/Wifi/routers/Bluetooth)wireguard on a Mikrotik router
Swazy

6 posts

Wannabe Geek


#311978 3-Mar-2024 17:43
Send private message

Goal set up my MikroTik RB960PGS hEX 5Port Gigabit PoE Router with wireguard so i can brows the internet as if I am at home as i will traveling overseas when most of my stuff is blocked.

 

I have tried this method https://www.youtube.com/watch?v=vn9ky7p5ESM but it will not work and several others methods of various levels of complexity and different settings but I never get it to connect.

 

 

 

I have been using the QR code method this needs a public key I used my computer to make one still no luck.

 

 

 

I think I am doing something fundamentally wrong with this as its just not working :(  

 

 

 

Any one able to help me get this set up I normally can fumble my way though a few tutorials but this one has me stumped after a few weeks of trying. 

Create new topic
ANglEAUT
altered-ego
2472 posts

Uber Geek
+1 received by user: 865

Trusted
Lifetime subscriber

  #3202844 3-Mar-2024 18:43
Send private message

Who is your IS P& do you have a static IP?

 

I think others with more knowledge will wan t to know.




Please keep this GZ community vibrant by contributing in a constructive & respectful manner.



RunningMan
9326 posts

Uber Geek
+1 received by user: 4968


  #3202850 3-Mar-2024 18:59
Send private message

You can use Mikrotik Cloud if you don't have a static IP, but it will need to be public. Basically free dynamic DNS.

 

If you are behind CGNAT, then Mikrotik Back to home will do the trick, but you'll need something newer than the router you have. ARM or Tile processor is required, the MIPS in the hEX won't do oit.

Swazy

6 posts

Wannabe Geek


  #3202856 3-Mar-2024 19:18
Send private message

ANglEAUT:

 

Who is your IS P& do you have a static IP?

 

I think others with more knowledge will wan t to know.

 

 

 

 


 

Econofiber and yes I have a static IP 

 



Swazy

6 posts

Wannabe Geek


  #3202857 3-Mar-2024 19:19
Send private message

RunningMan:

 

You can use Mikrotik Cloud if you don't have a static IP, but it will need to be public. Basically free dynamic DNS.

 

If you are behind CGNAT, then Mikrotik Back to home will do the trick, but you'll need something newer than the router you have. ARM or Tile processor is required, the MIPS in the hEX won't do oit.

 

 

 

 


 

I have a static IP ( Freebee after they went to CGNAT ) 

 

RunningMan
9326 posts

Uber Geek
+1 received by user: 4968


  #3202858 3-Mar-2024 19:28
Send private message

In that case, you need to provide quite a bit more info than just not working if you need more help.

Swazy

6 posts

Wannabe Geek


  #3202878 3-Mar-2024 19:45
Send private message

RunningMan:

 

In that case, you need to provide quite a bit more info than just not working if you need more help.

 

 

 

 

wireguard set up a server wg0. Port 13231

 

IP -> address T: 192.168.88.1/30 on wg0

 

 firewall rules  to allow traffic to the 13231 udp port.

 

Interface -> interface list add WG0 to Lan

 

Now go to wireguard peer:

 

Interface wg0 server Private key auto

 

Allowed IP address: 192.168.88.1/30

 

Then go to the client settings:

 

Endpoint: your public IP and port 13231 IP address 192.168.88.1/30 Client keep alive 00:00:25 Client DNS 10.10.1.1

 

 

 

 

 

 

 

This is what I have done so far and it just will not connect using the QR code method to set  up the phone, ( I use the public key that was generated in step 1 in the peer  step. 

 
 
 
 

Shop now on AliExpress (affiliate link).
Spyware
3826 posts

Uber Geek
+1 received by user: 1374

Lifetime subscriber

  #3202885 3-Mar-2024 20:10
Send private message

Interface wg0 server Private key auto

 

Allowed IP address: 192.168.88.1/30

 

should be

 

Interface wg0 server Private key auto

 

Allowed IP address: 192.168.88.2/32




Spark Max Fibre using Mikrotik CCR1009-8G-1S-1S+, CRS125-24G-1S, Unifi UAP, U6-Pro, UAP-AC-M-Pro, Apple TV 4K (2022), Apple TV 4K (2017), iPad Air 1st gen, iPad Air 4th gen, iPhone 13, SkyNZ3151 (the white box). If it doesn't move then it's data cabled.

Swazy

6 posts

Wannabe Geek


  #3202888 3-Mar-2024 20:16
Send private message

Spyware:

 

Interface wg0 server Private key auto

 

Allowed IP address: 192.168.88.1/30

 

should be

 

Interface wg0 server Private key auto

 

Allowed IP address: 192.168.88.2/32

 

 

 

 

The public key am I using the correct one from WG in to the peer set up?

nzkc
1638 posts

Uber Geek
+1 received by user: 1043


  #3202889 3-Mar-2024 20:23
Send private message

I ended up using this to configure Wireguard on my Mikrotik: https://github.com/IgorKha/wireguard-mikrotik

 

Ends up providing config for both the router and the client(s). Found it very useful!

Swazy

6 posts

Wannabe Geek


  #3202893 3-Mar-2024 20:32
Send private message

nzkc:

 

I ended up using this to configure Wireguard on my Mikrotik: https://github.com/IgorKha/wireguard-mikrotik

 

Ends up providing config for both the router and the client(s). Found it very useful!

 

 

 

 

 

 

OK thanks Fingers crossed :) ( time to install linux again lol) 

nzkc
1638 posts

Uber Geek
+1 received by user: 1043


  #3202896 3-Mar-2024 20:46
Send private message

It'll work on WSL too if you're running Windows

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright