Hello,
I’ve failed, trying my best not to start yet another Wireguard topic this one couldn’t fit anywhere (or would fit each and every other…)
In this case I’m using Proton VPN, but I don’t think they are the only 3rd party provider with this way of config.
The basic workflow is:
- Go to their website
- Generate config file based on server country and options
- Configure router based on data included in file
Now let’s say I want to change a country where I exit tunnel I could:
- Generate new config and configure new interface or reconfigure old
- Grab details of the server from API and update Peer on MikroTik
Option B won’t give me new private key to enter under interface - my concern is: do I need to update it?
Whole change of the country process is possible by updating two parameters on peer:
/interface wireguard peers set [find comment=dynprot] endpoint-address=$pvip public-key=$pvkey}
It works with private key provided by different config file before (at least looks like it does - I have connectivity with public IP from new server, but didn’t get into details of encryption of packets etc.)
Is this correct to assume that each and every Proton server has access to centrally stored public keys assigned with my machine in order to identify me as authorised?
Are there any additional implications of such approach?