Community discussions

MikroTik App
  4. RouterOS
  5. General

Site to site with Wireguard

Post Reply
 
Datanav
just joined
Topic Author
Posts: 24
Joined: Mon Jul 15, 2019 8:06 pm
Location: Nairobi, Kenya
Contact:
Contact Datanav

Site to site with Wireguard

Mon Feb 27, 2023 11:11 am

Has anyone been able to implement wireguard for site to site VPN. I have done my config as per the blog post https://grzegorzkowalik.com/konfiguracj ... e-to-site/ and honestly it does not connect. Also followed the video post on youtube https://youtu.be/P6f8Qc4EItc but still my routers do not connect. Both have static IP but still no traffic inbetween. Have allowed the necessary firewall filters(udp port 13231) on both ends plus have added static routes for the interfaces.

Code for Site A:
Code: Select all
# feb/24/2023 09:27:48 by RouterOS 7.7
# software id = MXWL-FJNR
#
# model = RB951Ui-2HnD
# serial number = xxxxxx
/interface wireguard
add listen-port=13231 mtu=1420 name=WG-Rongai
/interface wireguard peers
add allowed-address=0.0.0.0/0 endpoint-address=41.72.208.126 endpoint-port=\
    13231 interface=WG-Rongai public-key=\
    "UlMiz3f9oz97OS/M6DaAfibhp0wbtrrjLs4rSLBhDiA="


Config for Site B
Code: Select all
# feb/27/2023 12:06:25 by RouterOS 7.7
# software id = 0AFC-HK9B
#
# model = RB2011UiAS-2HnD
# serial number = xxxxxxx
/interface wireguard
add listen-port=13231 mtu=1420 name=WG-PRD
/interface wireguard peers
add allowed-address=0.0.0.0/0 endpoint-address=102.215.189.11 endpoint-port=13231 interface=WG-PRD public-key=\
    "+YvP+o0REkrCVLCiXdypp+q/uL7b82YzoSq0iedX9mU=
Thanks.
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 22401
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: Site to site with Wireguard

Mon Feb 27, 2023 2:36 pm

You have to be kidding me! Why not go to hell and listen to satan for advice........... ( do you think we have time chasing you tube LOL , kills me when people post those links, the evidence is in your config and the important information is your stated user requirements. )

All jesting aside..................
How the Eff will anyone be able to solve the issues with seeing your small bit of wireguard config?
Further if you think the problem is there, then you must know what the problem is...............

So Strike 1 - consulted idiots
Strike 2 - think you know where the problem is and thus why here lol

So as to not strike out....... the usual requests.
Please export both configs

/export file=anynameyouwish ( minus router serial number and any public WANIP information, keys etc.

Please provide a network diagram indicate key subnets and which is client and which is server for initial handshake.

By the way this is the first time I have seen both ends of a wireguard connection from two routers, with 0.0.0.0/0 set as allowed IPs.
Thus also need the requirements as in, what do you need users to do at both router vis-a-vis the wireguard tunnel.
Top
Post Reply
  4. RouterOS
  5. General