wilber
just joined
Topic Author
Posts: 3
Joined: Thu Mar 11, 2021 6:13 am

Can outside wireguard device have the same network with internal network device?

Thu Jan 06, 2022 5:17 pm

My home network PC ip is 192.168.130.30
My local network is 192.168.130.1
I have Wireguard network 192.168.170.1
I use my phone to connect to my home network from the outside via wireguard with IP 192.168.170.2
How can I connect the PC to wireguard network 192.168.170.1 so that my phone & my PC can be in the same network?
For example, the PC could have the IP 192.168.170.10 after connecting successfully to the WireGuard network. Is that possible?
Please help me.

# jan/06/2022 21:50:43 by RouterOS 7.1.1
# model = RB760iGS
# Router export posted with the question. It shows a bridged LAN
# (192.168.130.0/24 on bridge1), a PPPoE uplink over VLAN 35 on ether1, and a
# WireGuard interface with its own subnet (192.168.170.0/24).
# NOTE(review): no /ip firewall, /ip dns or /ip route section appears in this
# export, so filtering, DNS service and routing policy cannot be judged from it.

# WireGuard listener on UDP port 12345. Whether that port is reachable from the
# WAN depends on input-chain firewall rules that are not shown here.
/interface wireguard
add disabled=no listen-port=12345 mtu=1420 name=wireguard1
/queue interface
set bridge1 queue=no-queue
set bridgeIPTV queue=no-queue
set wireguard1 queue=no-queue
# VLAN 35 on ether1 carries the ISP uplink; the PPPoE client below runs on it.
/interface vlan
add arp=enabled arp-timeout=auto disabled=no interface=ether1 loop-protect=\
default loop-protect-disable-time=5m loop-protect-send-interval=5s mtu=\
1438 name="internet ISP" use-service-tag=no vlan-id=35
/queue interface
set "internet ISP" queue=no-queue
# "main pool" feeds the LAN DHCP server. "vpn pool" also sits inside the LAN
# subnet, but nothing in the visible export references it.
/ip pool
add name="main pool" ranges=192.168.130.50-192.168.130.150
add name="vpn pool" ranges=192.168.130.249-192.168.130.254
/ip dhcp-server
add address-pool="main pool" authoritative=yes disabled=no interface=bridge1 \
lease-script="" lease-time=10m name=server1 use-radius=no
/port
set 0 baud-rate=auto data-bits=8 flow-control=none name=serial0 parity=none \
stop-bits=1
# allow=pap,chap permits PAP, which sends the PPPoE password unencrypted to the
# access concentrator. Dropping pap is possible only if the ISP accepts CHAP
# alone - confirm with the ISP before changing it.
/interface pppoe-client
add ac-name="" add-default-route=yes allow=pap,chap default-route-distance=1 \
dial-on-demand=no disabled=no interface="internet ISP" \
keepalive-timeout=10 max-mru=1500 max-mtu=1500 mrru=disabled name=\
pppoe-out1 profile=default service-name="" use-peer-dns=yes user=\
abcxyz
/queue interface
set pppoe-out1 queue=no-queue
/queue interface
set ether1 queue=only-hardware-queue
set ether2 queue=only-hardware-queue
set ether3 queue=only-hardware-queue
set ether4 queue=only-hardware-queue
set ether5 queue=only-hardware-queue
set sfp1 queue=only-hardware-queue
# Extra routing table "vpn"; no rule or route in the visible export uses it.
/routing table
add disabled=no fib name=vpn
# ether3, ether2 and ether5 are members of bridge1, i.e. the LAN segment.
/interface bridge port
add auto-isolate=no bpdu-guard=no bridge=bridge1 broadcast-flood=yes \
disabled=no edge=auto fast-leave=no frame-types=admit-all horizon=none \
hw=yes ingress-filtering=no interface=ether3 internal-path-cost=10 learn=\
auto multicast-router=temporary-query path-cost=10 point-to-point=auto \
priority=0x80 pvid=1 restricted-role=no restricted-tcn=no tag-stacking=no \
trusted=no unknown-multicast-flood=yes unknown-unicast-flood=yes
add auto-isolate=no bpdu-guard=no bridge=bridge1 broadcast-flood=yes \
disabled=no edge=auto fast-leave=no frame-types=admit-all horizon=none \
hw=yes ingress-filtering=no interface=ether2 internal-path-cost=10 learn=\
auto multicast-router=temporary-query path-cost=10 point-to-point=auto \
priority=0x80 pvid=1 restricted-role=no restricted-tcn=no tag-stacking=no \
trusted=no unknown-multicast-flood=yes unknown-unicast-flood=yes
add auto-isolate=no bpdu-guard=no bridge=bridge1 broadcast-flood=yes \
disabled=no edge=auto fast-leave=no frame-types=admit-all horizon=none \
hw=yes ingress-filtering=no interface=ether5 internal-path-cost=10 learn=\
auto multicast-router=temporary-query path-cost=10 point-to-point=auto \
priority=0x80 pvid=1 restricted-role=no restricted-tcn=no tag-stacking=no \
trusted=no unknown-multicast-flood=yes unknown-unicast-flood=yes
/interface bridge port-controller
# disabled
set bridge=none cascade-ports="" switch=none
/interface bridge port-extender
# disabled
set control-ports="" excluded-ports="" switch=none
# use-ip-firewall=no: bridged (layer-2) LAN traffic is not passed through the
# IP firewall; only routed traffic is.
/interface bridge settings
set allow-fast-path=yes use-ip-firewall=no use-ip-firewall-for-pppoe=no \
use-ip-firewall-for-vlan=no
# ip-forward=yes makes this device route between its subnets. ICMP redirects and
# source-routed packets are not accepted; rp-filter=no means no reverse-path
# check of source addresses is done at the IP layer.
/ip settings
set accept-redirects=no accept-source-route=no allow-fast-path=yes \
arp-timeout=30s icmp-rate-limit=10 icmp-rate-mask=0x1818 ip-forward=yes \
max-neighbor-entries=8192 route-cache=yes rp-filter=no secure-redirects=\
yes send-redirects=yes tcp-syncookies=no
# One peer per device, each limited to a single /32 inside 192.168.170.0/24:
# the router accepts tunnel traffic from a peer only when the source address
# falls inside that peer's allowed-address. There is no peer for 192.168.170.10
# in this export, so the PC needs its own entry (own key pair, own /32) before
# it can join. endpoint-address="" means the router waits for the peer to
# connect first. The public-key values look like redacted placeholders.
/interface wireguard peers
add allowed-address=192.168.170.2/32 comment=phone disabled=no \
endpoint-address="" endpoint-port=0 interface=wireguard1 public-key=\
"2asdfsdfsdfsddsfsdfsdfsdlkfjdsklfjsd="
add allowed-address=192.168.170.3/32 comment="quest 2" disabled=no \
endpoint-address="" endpoint-port=0 interface=wireguard1 public-key=\
"sdfsdfdsfsdfsdfsdf/dsfsdfdsfdsf/sdfdsfdsfds="
# LAN and WireGuard are separate /24 networks on separate interfaces. Traffic
# between 192.168.130.0/24 and 192.168.170.0/24 is routed by this router, not
# bridged, so WireGuard clients and LAN hosts are not in one broadcast domain.
/ip address
add address=192.168.130.1/24 disabled=no interface=bridge1 network=\
192.168.130.0
add address=192.168.170.1/24 disabled=no interface=wireguard1 network=\
192.168.170.0
# Both DHCP clients are disabled; the uplink is the PPPoE client above.
/ip dhcp-client
add add-default-route=yes default-route-distance=1 dhcp-options=\
hostname,clientid disabled=yes interface=ether1 use-peer-dns=yes \
use-peer-ntp=yes
add add-default-route=yes default-route-distance=1 dhcp-options=\
hostname,clientid disabled=yes interface="internet ISP" use-peer-dns=\
yes use-peer-ntp=yes
/ip dhcp-server config
set accounting=yes interim-update=0s radius-password=empty store-leases-disk=\
never
# Static lease pinning the PC to 192.168.130.30 (the MAC looks redacted).
/ip dhcp-server lease
add address=192.168.130.30 address-lists="" client-id=1:11:11:11:11:11:11 \
comment=PC dhcp-option="" disabled=no !insert-queue-before mac-address=\
11:11:11:11:11:11 server=server1
# DHCP clients get 192.168.130.1 as gateway; dns-server is left empty here.
/ip dhcp-server network
add address=192.168.130.0/24 caps-manager="" dhcp-option="" dns-server="" \
gateway=192.168.130.1 netmask=24 !next-server ntp-server="" wins-server=\
""
 
Sob
Forum Guru
Forum Guru
Posts: 9121
Joined: Mon Apr 20, 2009 9:11 pm

Re: Can outside wireguard device have the same network with internal network device?  [SOLVED]

Sat Jan 08, 2022 3:25 am

Connecting the PC as another WG client would do the trick. What's the ultimate goal?
 
wilber
just joined
Topic Author
Posts: 3
Joined: Thu Mar 11, 2021 6:13 am

Re: Can outside wireguard device have the same network with internal network device?

Sat Jan 08, 2022 6:42 am

> Connecting the PC as another WG client would do the trick. What's the ultimate goal?

I have tried, but it didn't work on my local network.
I could use the following config to connect from the outside via my phone.
But when I used the config for my local PC from the local network, it did not work.
After connecting, I cannot ping 192.168.130.1 and I cannot connect to the internet.
The other laptop on the same local network cannot ping 192.168.170.10 either.

# WireGuard client config tried on the LAN PC (key values are placeholders).
[Interface]
# Placeholder; the real private key stays on the PC only.
PrivateKey = KeyFromMyPc=
# ListenPort is optional on a client that always initiates the connection.
ListenPort = 12345
# The router must have a matching peer entry whose allowed-address covers
# 192.168.170.10, otherwise it drops this client's traffic.
Address = 192.168.170.10/24
# 192.168.170.1 answers DNS only if the router's resolver accepts remote
# requests (/ip dns allow-remote-requests=yes) and the input firewall permits
# port 53 from wireguard1. If that is enabled, port 53 must stay blocked on the
# WAN side so the router does not become an open resolver.
# NOTE(review): the posted router export shows neither /ip dns nor /ip firewall - confirm.
DNS = 192.168.170.1

[Peer]
PublicKey = KeyFromMikrotikRouter=
# 0.0.0.0/0 sends all IPv4 traffic that has no more specific route into the
# tunnel. 192.168.170.0/24 alone would limit the tunnel to the WireGuard subnet.
AllowedIPs = 0.0.0.0/0
# NOTE(review): Endpoint has to be an address reachable outside the tunnel.
# 192.168.170.1 is the router's address inside the tunnel; per the posted
# export its LAN address is 192.168.130.1 - confirm which one was meant.
Endpoint = 192.168.170.1:12345
 
wilber
just joined
Topic Author
Posts: 3
Joined: Thu Mar 11, 2021 6:13 am

Re: Can outside wireguard device have the same network with internal network device?

Sat Jan 08, 2022 8:38 am

> Connecting the PC as another WG client would do the trick. What's the ultimate goal?
Thank you. It works but it only works with DNS = 1.1.1.1. Without 1.1.1.1, I cannot access internet from that PC.
Does anyone know how to use 192.168.170.1 as DNS?

# Second WireGuard client config for the LAN PC, reported as working
# (key values are placeholders).
[Interface]
# Placeholder; the real private key stays on the PC only.
PrivateKey = KeyFromMyPc=
# ListenPort is optional on a client that always initiates the connection.
ListenPort = 12345
Address = 192.168.170.10/24
# Public resolver: with AllowedIPs = 0.0.0.0/0 the queries go through the
# tunnel and out via the router's uplink, so no DNS service on the router is
# needed. Using 192.168.170.1 instead requires the router's resolver to accept
# remote requests (/ip dns allow-remote-requests=yes) and port 53 to be allowed
# in from wireguard1 only, not from the WAN.
# NOTE(review): the posted router export shows neither /ip dns nor /ip firewall - confirm.
DNS = 1.1.1.1

[Peer]
PublicKey = KeyFromMikrotikRouter=
# 0.0.0.0/0 sends all IPv4 traffic that has no more specific route into the
# tunnel. 192.168.170.0/24 alone would limit the tunnel to the WireGuard subnet.
AllowedIPs = 0.0.0.0/0
# NOTE(review): Endpoint has to be an address reachable outside the tunnel.
# 192.168.170.1 is the router's address inside the tunnel; per the posted
# export its LAN address is 192.168.130.1 - confirm which one was actually used.
Endpoint = 192.168.170.1:12345
 
Sob
Forum Guru
Forum Guru
Posts: 9121
Joined: Mon Apr 20, 2009 9:11 pm

Re: Can outside wireguard device have the same network with internal network device?

Sat Jan 08, 2022 2:16 pm

My idea was slightly different, i.e. to connect to server 192.168.130.1 and only use 192.168.170.0/24 for AllowedIPs. That would put the PC in 192.168.170.0/24 without affecting anything else. But it's still not clear to me, why would you want to do that at all. I have strong suspicion that you are actually trying to solve some problem and you found one solution to do it, but it's not the best one. So I'd suggest to describe what the problem is, and maybe you'll get better advice.
