I have a MikroTik cloud router set up on Amazon, on which I want to connect 2-3 MikroTik clients through VPN with the sole purpose of being able to connect to their WinBox over the internet. Since I am using an Amazon server, all firewalling comes through there, where I only have the VPN port open. I have set up a WireGuard server on this CR and a Windows WireGuard client on the machine I will be using to connect and manage everything.
My WG Server config on CHR is this:
# may/01/2023 08:23:38 by RouterOS 7.9rc5
#
/interface wireguard
add listen-port=13231 mtu=1420 name=wg-server private-key="server-key"
/interface wireguard peers
add allowed-address=10.0.1.2/32 comment="home pc" interface=wg-server public-key="public-home-key"
add allowed-address=10.0.1.4/32 comment="second client" interface=wg-server public-key="public-second-mikrotik-key"
My Home client config is this:
[Interface]
PrivateKey = private-key
Address = 10.0.1.2/32
[Peer]
PublicKey = public-server-key
AllowedIPs = 10.0.1.0/24
Endpoint = vpn.amazon-server-address.gr:13231
# may/01/2023 11:29:54 by RouterOS 7.9rc5
#
# model = RB951Ui-2HnD
/interface wireguard
add listen-port=13232 mtu=1420 name=wireguard1 private-key="private-key"
/interface wireguard peers
add allowed-address=10.0.1.0/24 endpoint-address=vpn.amazon-server-address.gr endpoint-port=13231 interface=wireguard1 public-key="public-server-key"
But when I try to ping the server (or the Windows client) I get " 0 213.16.246.6 96 254 9ms355us admin prohibited " and I get timeouts when I try to ping the RB951 from the server side or the Windows client.
Any ideas what I might be doing wrong?