Good day,
the need:
- vpn server to connect remote clients to work in one LAN
- let’s call clients that could be deployed software “smart clients” (PC,laptops,smartphones,tablets)
- let’s call clients that can’t be deployed software and are IP devices like ‘printers’ - “dumb clients”
- “dumb clients” need both call and be called by any LAN clients.
openVPN setup(works as expected):
- openVPN(tap) server - vps with white IP and LAN IP
- “smart clients” installed openvpn client software, connected via internet, get LAN IP
- “dumb clients” assigned a LAN IP address via web and connected via ethernet cable to mikrotik devices
RB941-2nD/RB951Ui-2HnD RouterOS 7.10.2 where openVPN (tap) client “tunnel” is configured,connected via internet
WireGuard setup:
- WireGuard RoadWarrior server - vps with white IP and LAN IP (works as expected)
- “smart clients” installed wireguard client software, connected via internet, get LAN IP (works as expected)
- mikrotik devices RB941-2nD/RB951Ui-2HnD RouterOS 7.10.2 where wireguard client is configured,connected via internet (works as expected)
Connecting “dumb clients” to mikrotik is a question.
-
There was a try to configure WireGuard server and assign mikrotik peer couple of LAN IPs - one for mikrotik WireGuard client itself
and the other for “dumb client”
but how to handle it additionally on mikrotik side for “dumb client” is not clear, while ping from vpn server for both IPs comes ok
( IP for “dumb client” was assigned to mikrotik ethernet port for testing purposes) -
Simply assigning LAN IP to “dumb client” like in openVPN setup doesn’t work with WireGuard (because it can’t TAP? )
-
Assigning a different LAN IP is possible but then how to put such traffic into LAN IP range(? masquerade at mikrotik WireGuard interface IP)
when sending to WireGuard server?
Will appreciate any help.