Now I look and feel like the Grinch! Can anyone please help, SantaTik? Are you out there?
Design
WIREGUARD CLIENT ----- INTERNET ----- MIKROTIK RB4011iGS+RM ----- RPI4 WIREGUARD SERVER
IP 192.168.10.10------ WAN IP ------- 192.168.1.1/24 LAN ----- 192.168.1.120, VPN 192.168.10.1 LAN
The configuration below used to work with my NetGear router.
RPI4 WireGuard Server wg0.conf
[Interface]
PrivateKey = iF<SECRET>2I=
Address = 192.168.10.1/24
ListenPort = 993
DNS = 192.168.1.1
### begin laptop ###
[Peer]
PublicKey = Nu<SECRET>w=
PresharedKey = 05<SECRET>U=
AllowedIPs = 0.0.0.0/1, 128.0.0.0/1, ::/1, 8000::/1
#AllowedIPs = 192.168.10.10/32
### end laptop ###
Laptop wg0.conf
[Interface]
PrivateKey = KG<SECRET>g=
Address = 192.168.10.10/24
DNS = 192.168.1.1, 208.67.222.222, 208.67.220.220
MTU = 1420
[Peer]
PublicKey = ln<SECRET>Co=
PresharedKey = 05<SECRET>pU=
Endpoint = pimedia.ca:993
AllowedIPs = 192.168.1.0/24, 192.168.10.0/24
#AllowedIPs = 192.168.0.0/16
[mcon@mcon-XPS-15-9550 ~]$ wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 192.168.10.10/24 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] resolvconf -a tun.wg0 -m 0 -x
[#] ip -4 route add 192.168.1.0/24 dev wg0
[mcon@mcon-XPS-15-9550 ~]$ ip addr show wg0
4: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
link/none
inet 192.168.10.10/24 scope global wg0
valid_lft forever preferred_lft forever
[mcon@mcon-XPS-15-9550 ~]$ ifconfig wg0
wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1420
inet 192.168.10.10 netmask 255.255.255.0 destination 192.168.10.10
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 52 bytes 7696 (7.6 KB)
TX errors 11 dropped 0 overruns 0 carrier 0 collisions 0
My Current MikroTik Setup
My WireGuard client connection works, but I don't know how to allow traffic from the RPI4 VPN (192.168.1.120) client connections to the LAN (192.168.1.1/24).