Community discussions

MikroTik App
 
levi
just joined
Topic Author
Posts: 3
Joined: Wed Jan 05, 2022 8:05 am

wireguard connection over IPv6

Fri Aug 12, 2022 8:50 pm

Hello,
I have CRS326 with firmware 7.4.1.
I can't establish WireGuard connection over IPv6. I have working IPv4 based connection. I can ping IPv6 peer address. I can establish Wireguard tunnel from linux based host that has the same IPv6 prefix. Below are the details of configuration. I triple checked all the WireGuard details.

How can I troubleshoot this connection ?
[admin@MikroTikDist] > /ip/address print
Columns: ADDRESS, NETWORK, INTERFACE
# ADDRESS            NETWORK       INTERFACE
0 172.17.127.248/24  172.17.127.0  bridge1
1 10.6.0.7/32        10.6.0.7      dpanmar
[admin@MikroTikDist] > /ipv6/address print
Flags: D - DYNAMIC; G, L - LINK-LOCAL
Columns: ADDRESS, INTERFACE, ADVERTISE
#    ADDRESS                                    INTERFACE  ADVERTISE
0 DL fe80::43b4:80ff:5411:df70/64               dpanmar    no
1 DL fe80::990:42ba:dd8d:1f8d/64                gdansk     no
2 DL fe80::2ec8:1bff:fedb:f329/64               vlan21     no
3 DG ****:****:****:****:2ec8:1bff:fedb:f329/64  bridge1    no
[admin@MikroTikDist] > /ip/route/ print
Flags: D - DYNAMIC; A - ACTIVE; c, s, y - COPY; H - HW-OFFLOADED
Columns: DST-ADDRESS, GATEWAY, DISTANCE
#      DST-ADDRESS      GATEWAY         DISTANCE
0  AsH 0.0.0.0/0        172.17.127.254         1
1  As  10.2.10.0/24     dpanmar                1
2  As  10.6.0.0/24      dpanmar                1
  DAc  10.6.0.7/32      dpanmar                0
  DAcH 172.17.127.0/24  bridge1                0
[admin@MikroTikDist] > /ipv6/route print
Flags: D - DYNAMIC; A - ACTIVE; c, y - COPY; H - HW-OFFLOADED
Columns: DST-ADDRESS, GATEWAY, DISTANCE
     DST-ADDRESS              GATEWAY  DISTANCE
DAcH ****:****:****:****::/64  bridge1         0
DAcH fe80::%bridge1/64        bridge1         0
DAc  fe80::%dpanmar/64        dpanmar         0
DAc  fe80::%gdansk/64         gdansk          0
[admin@MikroTikDist] > /interface/wireguard print
Flags: X - disabled; R - running
 0  R name="dpanmar" mtu=1412 listen-port=13231 private-key="********" public-key="********"

 1  R name="gdansk" mtu=1412 listen-port=15231 private-key="**********" public-key="*********"
[admin@MikroTikDist] > /interface/wireguard/peers print
Columns: INTERFACE, PUBLIC-KEY, ENDPOINT-ADDRESS, ENDPOINT-PORT, ALLOWED-ADDRESS, PRESHARED-KEY, PERSISTENT-KEEPALIVE
# INTERFACE  PUBLIC-KEY     ENDPOINT-ADDRESS                        ENDPOINT-PORT  ALLOWED-ADDRESS  PRESHARED-KEY       PERSISTENT-KEEPALIVE
0 dpanmar    _public_key_   xx.yyy.137.38                           51820          10.2.10.0/24     _preshared_key_     1m
                                                                                   172.17.127.0/24
                                                                                   10.6.0.0/24
1 gdansk     _public_key_   2a01:xxxx:yyyy:zzzz:ba27:ebff:fe58:20a2 51821          10.73.44.0/24    _preshared_key_     1m
                                                                                   172.16.0.0/24
                                                                                   172.17.127.0/24

Who is online

Users browsing this forum: CodeAlpha, Semrush [Bot], shadarim, tjanas94 and 45 guests