I have a site with a CCR1036 with a symmetric 10gb connection (PPPoE). This router handles an entire building (~36 companies). One of the companies is a medical lab, and they have a new requirement that when connected to one of their partners they can only use their static WAN IP. This works fine when onsite, but so many people are working from home now that it's become a problem. We quickly set up a PPTP VPN to get them going, which works but is limited to around 45mbps for some reason. I like the idea of WireGuard, and the forums make it sound so easy.
I didn't originally set this router up and I am not the only admin that gets into this router so I am a bit squeamish to play around a lot.
I have it set up and connecting. It pings the WireGuard address (172.16.50.20) but nothing else.
The client wants WireGuard to work like their PPTP VPN: everything goes over the VPN. They want an IP on the main subnet that acts like they are onsite. Most tutorials show a separate range, but maybe I am misunderstanding.
Here is the setup for this client router (RouterOS 7.7):
External IP X.X.X.249
internal network = 172.16.50.0/24
gateway = 172.16.50.5
WireGuard address = 172.16.50.20
WireGuard client addresses 172.16.50.21-29
Here is the Windows config (keys are truncated for security but added so you can see they are in the right places):
[Interface]
PrivateKey = +PWpCAraqBVV
Address = 172.16.50.22/24
DNS = 1.1.1.1
[Peer]
PublicKey = Lukk7tz13Z6JY
AllowedIPs = 0.0.0.0/0
Endpoint = X.X.X.249:369
Quick update: adding a WireGuard interface and assigning it an IP seems to break all routing.