Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

Wireguard to cheap and cheerful travel router

Post Reply
 
RichyRich
just joined
Topic Author
Posts: 2
Joined: Thu Jul 20, 2023 1:56 pm

Wireguard to cheap and cheerful travel router

Thu Jul 20, 2023 2:18 pm

Hey all. New to Mikrotik.

I've set up Wireguard on the Mikrotik, and have a cheap and cheerful GL inet travel router.

It has a VPN setup guide: https://docs.gl-inet.com/router/en/3/tu ... rd_client/ but whatever I do I can't get a single byte to hit the VPN. I don't think it's even connecting.

But it's asking for the private key - would this be the private key within the Wireguard Interface?

Where can I view any kind of logging in the Mikrotik?

Is there a way of exporting the wireguardd config to import on the travel router?

My firewall rules are below too if anyone has any ideas

/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=accept chain=input comment=winbox dst-port=8291 in-interface-list=\
LAN protocol=tcp
add action=accept chain=input comment="allow wireguard" dst-port=13231 \
in-interface-list=WAN protocol=udp
add action=accept chain=input disabled=yes src-address=192.168.100.0/24
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" disabled=yes \
protocol=icmp
add action=accept chain=input comment=\
"defconf: accept to local loopback (for CAPsMAN)" disabled=yes \
dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related hw-offload=yes
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none log-prefix=nat out-interface-list=WAN
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 22541
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: Wireguard to cheap and cheerful travel router

Thu Jul 20, 2023 3:36 pm

https://help.mikrotik.com/docs/display/ROS/WireGuard

viewtopic.php?t=182340
Top
Post Reply
  4. RouterOS
  5. Beginner Basics