For a long time I've used a Debian machine behind my Mikrotik router to host an L2TP VPN with good success. I have an Arch laptop that I set up as a client to the server, so when I'm away from home I can connect the L2TP client and access all the machines on my home network. I have been wanting to set up a VPN server on the Mikrotik device itself to simplify things and cut out the Debian machine middleman. Now with RouterOS 7, and all the good things I hear about Wireguard, it seems that time has come.
Really, I am very green behind the ears when it comes to networking, but I have learned some from owning a Mikrotik router (things like NAT hairpin that you take for granted on a consumer-type router). I've read a handful of tutorials on setting up Wireguard in RouterOS, and played around quite a bit but can't seem to get it working. Most of the tutorials are about connecting two Mikrotik devices in remote locations to each other in a sort of permanent tunnel. That's not what I am trying to do. What I am trying to do is set up a Wireguard server on my router, and then allow my Arch laptop and my iPhone to connect to that server and access my home network from wherever my laptop or phone may be.
What I have done is create a Wireguard (server?) via the RouterOS GUI under WireGuard -> WireGuard tab. This also created a wireguard interface for me (no address). I then created a peer under WireGuard -> Peers. I then more-or-less followed this tutorial to create a configuration for my phone: https://wireguard.how/client/ios/. I used the public key for the server on the Mikrotik router, and used the private and public keys from the "Peer" I also made on the router. I can import that configuration into my phone, and it says that the Wireguard VPN connection is connected, but I can't get any traffic through to the machines on the home network. In RouterOS if I go to WireGuard -> Peers -> {the peer I made} it says "Last Handshake: 00:00:00". I also tried setting up an address for the wireguard interface but haven't had any more luck getting any traffic through (I have little idea what I am doing here...). My home network uses IPs in the space of 10.0.1.1, 10.0.1.2, 10.0.1.3, etc.
What are the major steps involved in doing what I want to do? E.g.
1. create a WG interface
2. create a WG server (WireGuard -> WireGuard tab)
3. create a peer (WireGuard -> Peers tab)
4. (create an address for the interface?)
5. (configure the routing of WG connections into the local network 0.0.1.1, 10.0.1.2, 10.0.1.3...?)
6. configure the client device (laptop or phone) as a peer connecting to the server
Any help appreciated and thanks for the patience.