Community discussions

MikroTik App
 
piqu
just joined
Topic Author
Posts: 3
Joined: Thu Dec 19, 2024 10:40 am

route all traffic from interface though vpn

Thu Dec 19, 2024 11:09 am

my router is configured as a switch and vpn for connecting to my network form outside
i want to route all traffic from ether4 though a vpn to change my ip
i tried some solutions from here but the computer connect to ether4 never has internet access
/interface bridge
add name=bridge
/interface wireguard
add listen-port=42192 mtu=1420 name=wgvpn # i want to route all traffic from ether4 through this
add listen-port=13231 mtu=1420 name=wireguard # for connecting to my network from outside
/interface list
add name=switch
/interface bridge port
add bridge=bridge interface=switch
/interface list member
add interface=ether1 list=switch
add interface=ether2 list=switch
add interface=ether3 list=switch
add interface=ether4 list=switch
add interface=ether5 list=switch
/interface wireguard peers
add allowed-address=192.168.0.2/32 interface=wireguard name=peer1 private-key="..." public-key="..."
add allowed-address=0.0.0.0/0,::/0 client-address=10.8.0.15/24 client-dns=1.1.1.1 endpoint-address=... \
    endpoint-port=51820 interface=wgvpn name=wgvpn preshared-key="..." public-key="..."
/ip address
add address=192.168.0.1/24 interface=wireguard network=192.168.0.0
/ip dhcp-client
add interface=bridge
/ip firewall nat
add action=masquerade chain=srcnat out-interface=bridge src-address=192.168.0.0/24
 
User avatar
panisk0
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Sun Mar 06, 2016 10:36 pm
Location: Cracow
Contact:

Re: route all traffic from interface though vpn

Thu Dec 19, 2024 12:04 pm

remove entry from NAT
show routing tables

add entry to routing policies, like:

/routing table add fib name=to_WAN_wg
/routing rule add action=lookup-only-in-table src-address=192.168.0.0/24 table=to_WAN_wg
/ip route add dst-address=0.0.0.0/0 gateway=192.168.0.1 routing-table=to_WAN_wg
 
piqu
just joined
Topic Author
Posts: 3
Joined: Thu Dec 19, 2024 10:40 am

Re: route all traffic from interface though vpn

Thu Dec 19, 2024 2:27 pm

remove entry from NAT
show routing tables

add entry to routing policies, like:

/routing table add fib name=to_WAN_wg
/routing rule add action=lookup-only-in-table src-address=192.168.0.0/24 table=to_WAN_wg
/ip route add dst-address=0.0.0.0/0 gateway=192.168.0.1 routing-table=to_WAN_wg
i dont think that would work how i want it to. i use the wiregaurd interface with the name wireguard to access my home network from outside and that already works. i want to send all traffic from ether4 through the other wireguard vpn called wgvpn to mide my ip
 
User avatar
panisk0
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Sun Mar 06, 2016 10:36 pm
Location: Cracow
Contact:

Re: route all traffic from interface though vpn

Thu Dec 19, 2024 2:39 pm

You need to base your routing on IP addresses.
Draw a diagram and I'll try to help...
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 21890
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: route all traffic from interface though vpn

Thu Dec 19, 2024 2:58 pm

Are we sure a device acting as a switch an be a WIreguard device? ( no routing, no nat etc.........)
 
piqu
just joined
Topic Author
Posts: 3
Joined: Thu Dec 19, 2024 10:40 am

Re: route all traffic from interface though vpn

Thu Dec 19, 2024 7:06 pm

You need to base your routing on IP addresses.
Draw a diagram and I'll try to help...
i have never done that before. what software should i use and can you show me a good example?
Are we sure a device acting as a switch an be a WIreguard device? ( no routing, no nat etc.........)
idk if i should call it switch or routner. other then connecting the vpn to my network its not doing any routing or nat
/ip firewall nat
add action=masquerade chain=srcnat out-interface=bridge src-address=192.168.0.0/24

Who is online

Users browsing this forum: No registered users and 19 guests