Community discussions

MikroTik App
 
johnhays
just joined
Topic Author
Posts: 1
Joined: Sun Jan 16, 2022 2:34 am

Wireguard - V7 as client routing non-RFC 1918 subnet

Sun Jan 16, 2022 3:12 am

I have been trying to get this working for a couple of weeks now, and just can't make it work. I have looked at other recipes in the forum and tried various methods.

Scenario
I have a server running in a data center. Internet traffic for a couple of /24s come into the server just fine. I have previously routed subnets of these using OpenVPN and LT2P out to other locations, I want to switch to Wireguard.

I have configured and can get Wireguard between the server and a RB2011 series with 7.1.1 stable using 10.x.x.x and can ping / ssh bidirectionally. What I cannot get to work is bidirectional routing of my non RFC 1918 addresses over the tunnel.

What I want to achieve is to have a subnet on one (or more) ethernet ports on the RB2011 that can be routed default (0.0.0.0/0) through my data center server. (other traffic, including to the wiregaurd server would go out with a masqueraded address to my main router (rb 4011).

Bonus points for also routing some IPv6 subnets.

Any working examples would be appreciated.

I am not new to Mikrotik, I have been using them for many, many years, but could really use some guidance.
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: Wireguard - V7 as client routing non-RFC 1918 subnet

Tue Jan 18, 2022 3:15 am

So how far did you get? It would be good idea to post your config and someone will (probably) tell you what's wrong with it.

As a hint, you want new routing table, default route in that routing table pointing to the tunnel, and routing rule(s) telling the router to use this routing table for selected source interfaces or addresses.

Who is online

Users browsing this forum: No registered users and 18 guests