I'm configuring Wireguard on a CHR with RouterOs v7.8 in test environment.
I configured the wireguard interface, declared the address and subnet in "addresses" and configured the peer.
I configured client for windows 11, it connects, but if I ping google or the IP that I have declared in "addresses" the windows prompt returns me "general error" and obviously the PC does not surf the internet. I really don't understand what the mistake is. The configurations are as follows:
- CHR Config:
Code: Select all
/interface ethernet
set [ find default-name=ether1 ] disable-running-check=no
/interface wireguard
add listen-port=53631 mtu=1420 name=wireguard1
/interface wireguard peers
add allowed-address=10.0.0.10/32 interface=wireguard1 public-key=\
"+LLZg9fWe3MnUfYV/3th**********YJ13/3NHPRw="
/ip address
add address=10.0.0.1/24 interface=wireguard1 network=10.0.0.0
add interface=ether1
/ip firewall filter
add action=accept chain=input comment="Wireguard rule" dst-port=53631 \
in-interface=ether1 protocol=udp
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
Code: Select all
[Interface]
PrivateKey = eOjDsLKv2/Iv3hrF7dpTQbsnhhvtg1vyrJksSTcgXWc=
Address = 10.0.0.10/32
DNS = 8.8.8.8
[Peer]
PublicKey = +LLZg9fWe3MnUfYV/3th94z8rSWziuhXYJ13/3NHPRw=
AllowedIPs = 0.0.0.0/0
Endpoint = 212.227.37.157:53631
PersistentKeepalive = 10
Code: Select all
:\Users\Simone>route print
===========================================================================
Elenco interfacce
34...........................WireGuard Tunnel
7...........................Kaspersky VPN
4...a0 8c ** ** ** 91 ......Intel(R) Ethernet Connection (5) I219-LM
1...........................Software Loopback Interface 1
===========================================================================
IPv4 Tabella route
===========================================================================
Route attive:
Indirizzo rete Mask Gateway Interfaccia Metrica
0.0.0.0 0.0.0.0 192.168.3.75 192.168.3.144 25
0.0.0.0 0.0.0.0 On-link 10.0.0.10 0
10.0.0.10 255.255.255.255 On-link 10.0.0.10 256
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.3.0 255.255.255.0 On-link 192.168.3.144 281
192.168.3.144 255.255.255.255 On-link 192.168.3.144 281
192.168.3.255 255.255.255.255 On-link 192.168.3.144 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.3.144 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.3.144 281
===========================================================================
Route permanenti:
Nessuna
IPv6 Tabella route
===========================================================================
Route attive:
Interf Metrica Rete Destinazione Gateway
1 331 ::1/128 On-link
4 281 fe80::/64 On-link
4 281 fe80::2faa:b39:ea07:a8d4/128
On-link
1 331 ff00::/8 On-link
4 281 ff00::/8 On-link
===========================================================================
Route permanenti:
Could someone help me figure out where I'm wrong?
Thanks yo to everyone