Wireguard p2p with DDNS

Hello,

I have 3 Mikrotik routers with dynamic public IPs. I want to connect all of them with Wireguard, but I need to use the DDNS instead of IP.

Is it possible?

Best regards.

Well, it might not be the best experience, but it’s doable with DDNS.

Yes. What kind of connection were you looking for? A detailed plan leads to the best results.
Be aware one side needs to connect (client) to the other (server), and after that two-way traffic can result.
Edit: if all MT devices have accessible public IPs, then anyone could connect to the other; it doesn't matter really.
Do you have a set of requirements (users need to do what)?

Ideally one needs to have a fixed IP or you need to be able to use another device with fixed IP as relay/hub for the rest.

But yes, can be done.
Makes it more important to take into account the “DNS not resolving at startup” behavior of Mikrotik’s Wireguard implementation.
Easily solvable with a small script until they solve it in ROS (see earlier linked thread).
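
An added sketch of the kind of small script mentioned above (not the script from the linked thread and not posted by anyone in this thread): a RouterOS v7 script that toggles WireGuard peers whose handshake is missing or stale, so the DDNS name in `endpoint-address` gets looked up again. The `ddns` comment tag, the 3-minute threshold, and the premise that a disable/enable cycle triggers a fresh lookup are assumptions of this example.

```routeros
# Added example (RouterOS v7). Assumptions: peers that use a DDNS hostname
# carry "ddns" in their comment, and a handshake older than 3 minutes means
# the cached endpoint IP is no longer valid.
:local staleAfter 00:03:00

:foreach peer in=[/interface wireguard peers find where disabled=no and comment~"ddns"] do={
    :local host [/interface wireguard peers get $peer endpoint-address]
    :local hs [/interface wireguard peers get $peer last-handshake]

    # An empty last-handshake means the peer has not connected since boot,
    # which is the "DNS not resolving at startup" case.
    :if (([:len $hs] = 0) or ($hs > $staleAfter)) do={
        :do {
            # Only toggle when the name resolves right now;
            # otherwise leave the peer alone until the next run.
            :local ip [:resolve $host]
            /interface wireguard peers disable $peer
            :delay 1s
            /interface wireguard peers enable $peer
            :log info ("wg-ddns: refreshed peer " . $host . " -> " . $ip)
        } on-error={
            :log warning ("wg-ddns: cannot resolve " . $host . ", will retry")
        }
    }
}
```

Run it periodically from `/system scheduler` on each of the three routers.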

Hello,

Still there is no solution for this.

Will it be available in the next ROS releases?

Regards.

No, but you have not answered any questions.
Do you plan on ONE wireguard interface that all three devices reside on,
all on the same wireguard address schema?

OR three pairs of separate wireguard interfaces

router1 to router2 (wireguard12) wireguard address A
router1 to router3 (wireguard13) wireguard address B
router2 to router3 (wireguard23) wireguard address C

+++++++++++++++++++++++++++++++++++++++++++
The answers will come from your requirements, already requested.
Note that if you have overlapping peers at any point (on any device), which easily happens with multiple peers, then you will need to create separate wireguard interfaces, but if not, it is probably most efficient to keep it to one.

Hi,

I will configure this way:

router1 to router2 (wireguard12) wireguard address A
router1 to router3 (wireguard13) wireguard address B
router2 to router3 (wireguard23) wireguard address C

Each router connects to all nodes.

Regards.

Should be possible.
Read this for guidance.
https://forum.mikrotik.com/viewtopic.php?t=182340

Once you have your three configs done and are running into issues:
- post all three here and I will have a look.
- include a network diagram as well.
- provide user requirements: what each user/device, groups of users/devices, and admin should be able to do and not be able to do.

With the above information, it won't take long to resolve any outstanding issues.

Thanks for your help.

But I cannot configure the DDNS variable in the endpoint:

The link looks really great!

Regards.

Congratulations, it looks like you found a bug in WebFig. It works in WinBox and CLI.

Webfig, yuck…

Hi,

How could I report the bug?

Kind regards.

support@mikrotik.com

zorrua, it's terribly complicated and found only on the dark web, it's a wonder anyone can find it…
The link for the instructions brings you here, if it's not clear it's a link:
https://wiki.mikrotik.com/wiki/Manual:Support_Output_File
The newer site:
https://help.mikrotik.com/docs/display/ROS/Supout.rif

Hello,

I sent an email to support@mikrotik.com; this is the reply: We look forward to fixing it on upcoming RouterOS versions, unfortunately, I cannot provide an ETA now.

Hope we have this working soon.

Kind regards.

Excellent work. Yes, it seems they don't spend much energy on ancillary methods of access, be it webconfig or IOS updates.
Basically, hiring more workers to do that work in a reasonable time frame would eat into the profits of the Latvian Millionaires that own the company, and we cannot have that, can we? :)
Yes, I get the impression that the amazing working staff at Mikrotik have their hands (fiscal) tied behind their backs. They have much pride in their work but can only do so much with the resources available.