Please review EVERY LINE and ask questions of what you don't understand.
My God!
I feel like I'm a bad student
Ok, this has been my router for many years; back in the first week I was literally like this
I remember that I wanted to use port forwarding; since it is hard to pinpoint which Ethernet port & whatnot, I chose all-ethernet!
I do all settings only through GUI.
Very disorganized firewall rules. Have the chains together so that all input chain rules are together and all forward chain rules are together, much easier to make sense of! (and not in the right order either)
Ok, I have to learn this trick, I'll leave it for the time being.
My home network is like this:
ISP (Internet) >> Fiber Modem (192.168.1.1) >> MikroTik (static IP "DMZ enabled" from fiber 192.168.1.60) (internal MikroTik address 10.0.0.1) + ad-block DNS server (10.0.0.2) >> 2 physical wireless (2.4GHz/5GHz) + 1 virtual guest wireless (2.4GHz) + new virtual WireGuard wireless (5GHz).
WireGuard server in AWS: just an Ubuntu instance with PiVPN installed on it; when I add a new WireGuard user it gives me this:
[Interface]
Address = 10.6.0.3/24
DNS = 1.1.1.1, 1.0.0.1
PrivateKey = ***********************
[Peer]
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = *.*.*.*:51820
PreSharedKey = *************************
PublicKey = *******************
Which works fine using the WireGuard software on both mobile & PC.
Also, what is this setting for ... on the wlan for wireguard --> wds-default-bridge=bridge
Well, forgot why!
WDS Mode is disabled anyway in the GUI; ok, changed it to none.
Still no internet!
What are you doing with VRF here, not required.
I'm just following sindy's post
viewtopic.php?t=186836#p939878
Ok, deleted it. Now internet works through the virtual WireGuard, but the internet isn't coming from the AWS server, it is from my ISP.
Please review EVERY LINE and ask questions of what you don't understand.
Well, I understand the concept; may I know how to inject it through the command line? I uploaded it to files (in the GUI) then restored, but nothing happened, it said files not found!
....
Edit: some wrong codes?
set detect-interface-list=NONE >>> input does not match any value of detect-interface-list
add bridge=bridge ingress-filtering=yes frame-types=admit-priority-and-untagged interface=wlan1 pvid=10 >> syntax error (line 1 column 53)
add interface=bridge name=vlan10-H vlan-ids=10 >> I removed the "s": vlan-id=10
add listen-port=52820 mtu=1420 name=aws-london-sameer <<< Why? The port is 51820 on AWS!
add action=accept chain=input accept ICMP" protocol=icmp >>> error, maybe: add action=accept chain=input protocol=icmp
add dst-address=0.0.0.0/0 gatewy=aws-london-sameer table=useWG >>> error: expected end of command (line 1 column 27)
/ip routing rule >> error: bad command name routing (line 1 column 5)
add address=X.X.X.X/24 >>> it asks for what interface! Is it: aws-london-sameer ?? Also, you have to know the AWS instance may not provide an IP!