Hi,
I am trying to set up SSH access from my VPS (public IP, Ubuntu) to my MikroTik router (public IP, but behind a quite prohibitive router). I decided to try to use the WireGuard implementation in RouterOS v7.1rc5. Before trying to set this up, I managed to successfully set up my laptop as a client to my VPS (in this setup, this is the “server”). Everything is on a 10.0.0.0/24 network, with 10.0.0.1 being my VPS and 10.0.0.2 being my laptop. I also managed to set up WireGuard on the MikroTik. According to my VPS, the handshake went OK:
peer: (key)
endpoint: (Router's public IP address):13231
allowed ips: 10.0.0.3/32
latest handshake: 1 minute, 55 seconds ago
transfer: 5.02 KiB received, 39.79 KiB sent
The problem is, I am not able to ping the router or my VPS (neither ping nor tcpdump on the wg0 interface shows anything; this is different from pinging to/from my laptop). When I try to ping from the VPS, I can see that there is traffic on WireGuard’s interface on the router. I can also see, using Torch, that on this interface there is also a packet going in the other direction (responding to the ping from the VPS), but this packet is, I guess, dropped somewhere. This exact setup is working on my laptop, so I expect there is nothing terribly wrong on the side of the VPS, but rather on the side of the router. I went through most of the guides and it seems that there could be a problem with routing or the firewall. I checked the routing table many times and it seems okay to me. In the case of the firewall, I had the impression that it’s not very prohibitive in the case of an outgoing packet, so I am pretty lost right now. Thank you very much for any help!
Everything is in a basic and clean setup. The things that I added (apart from the WireGuard interface) are:
WireGuard → Peers:
Endpoint: (VPS public IP)
Endpoint Port: 41194
Allowed Address: 10.0.0.0/24
Persistent Keepalive: 00:00:15
IP → Addresses:
Address: 10.0.0.0/24
Network: 10.0.0.0
Interface: wireguard1
IP → Routes:
Dst. Address: 10.0.0.0/24
Gateway: %wireguard1
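
Added example, not part of the original post: a consistency check over the values posted above, based on WireGuard's rule that a decrypted packet is accepted only when its inner source address falls within the allowed IPs configured for the sending peer. The function name `check_peer`, the /24 prefix on the VPS address, and the 10.0.0.3/24 comparison value are assumptions made for illustration.

```python
import ipaddress


def check_peer(local_addr, remote_allowed_ips):
    """Return findings for one side of a WireGuard link.

    local_addr: address/prefix assigned to this side's WireGuard interface.
    remote_allowed_ips: allowed IPs the other side has configured for this peer.
    """
    findings = []
    iface = ipaddress.ip_interface(local_addr)
    net = iface.network

    # Prefixes shorter than /31 reserve the first and last address.
    if net.prefixlen < net.max_prefixlen - 1:
        if iface.ip == net.network_address:
            findings.append(f"{iface.ip} is the network address of {net}, not a host address")
        elif iface.ip == net.broadcast_address:
            findings.append(f"{iface.ip} is the broadcast address of {net}")

    # The receiver drops decrypted packets whose source address is outside
    # the allowed IPs it holds for the sending peer.
    allowed = [ipaddress.ip_network(a) for a in remote_allowed_ips]
    if not any(iface.ip in a for a in allowed):
        findings.append(
            f"source {iface.ip} is outside the remote allowed IPs {remote_allowed_ips}"
        )
    return findings


if __name__ == "__main__":
    cases = {
        # Router side exactly as posted: IP -> Addresses vs. the VPS's allowed ips.
        "router (as posted)": ("10.0.0.0/24", ["10.0.0.3/32"]),
        # Assumed comparison value: the host address the VPS allows for this peer.
        "router (10.0.0.3/24, assumed)": ("10.0.0.3/24", ["10.0.0.3/32"]),
        # VPS side: 10.0.0.1 (prefix assumed) vs. the router's Allowed Address.
        "vps": ("10.0.0.1/24", ["10.0.0.0/24"]),
    }
    for name, (addr, allowed) in cases.items():
        result = check_peer(addr, allowed)
        print(name, "->", result or "consistent")
```

On the posted values the router's interface address is flagged twice, while the VPS side and the assumed 10.0.0.3/24 value pass both checks.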