e05181272
just joined
Topic Author
Posts: 3
Joined: Sun Nov 06, 2022 8:31 am

Public IP with Dynamic IP using Wireguard

Sat Jan 07, 2023 12:40 pm

Hello,
I want to connect through the public IP using port 8888 with WireGuard, then:
  • some using it for internet
  • some accessing the local server
Note:
using
  • Dynamic IP just for internet, not through (prevent) public IP
  • what should I not block for WireGuard to work well?
 
anav
Forum Guru
Posts: 19321
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Public IP with Dynamic IP using Wireguard

Mon Jan 09, 2023 3:11 pm

Your explanation is lacking so hard to understand. It helps to describe use cases.

First is the main wireguard device ( all are connecting to) a mikrotik device? ( a server for connection ).

What are the clients, laptops, iphones, any other routers involved?
which need access to local subnets?
which need access to internet?
which need access to both?

Is the admin involved ( connecting to router for purposes of being able to config the router ) ?

It appears you want to be able to connect to wireguard on a specific port, is there a reason to use 8888 as wireguard will connect on any port of your choosing......... Why 8888?
 
e05181272
just joined
Topic Author
Posts: 3
Joined: Sun Nov 06, 2022 8:31 am

Re: Public IP with Dynamic IP using Wireguard

Wed Jan 11, 2023 12:02 pm

> Your explanation is lacking so hard to understand. It helps to describe use cases.
>
> First is the main wireguard device ( all are connecting to) a mikrotik device? ( a server for connection ).
>
> What are the clients, laptops, iphones, any other routers involved?
> which need access to local subnets?
> which need access to internet?
> which need access to both?
>
> Is the admin involved ( connecting to router for purposes of being able to config the router ) ?
>
> It appears you want to be able to connect to wireguard on a specific port, is there a reason to use 8888 as wireguard will connect on any port of your choosing......... Why 8888?

Thanks for the reply.
OK, I will try to be more clear:
  • connect from outside using WireGuard (public IP) with a static, non-default port (I set 8888 as an example)
  • then get inside the router using the gateway IP of WireGuard, like 192.168.55.4/24
The connection:
  • connect to access the local server
  • connect to access the internet; I want the internet to go through the dynamic IP, not through the public IP
  • sometimes both
Notes
  • I want to use the best security, so for the local server just open a specific port, and which ports shouldn't be closed that are used for WireGuard
Best Regards
 
anav
Forum Guru
Posts: 19321
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Public IP with Dynamic IP using Wireguard

Wed Jan 11, 2023 6:09 pm

You failed to answer any of my questions. One more try..........
First is the main wireguard device ( all are connecting to) a mikrotik device? ( the wireguard server ).

What are the clients, laptops, iphones, any other routers involved?
which need access to local subnets?
which need access to internet?
which need access to both?

Is the admin involved ( connecting to router for purposes of being able to config the router ) ?

It appears you want to be able to connect to wireguard on a specific port, is there a reason to use 8888 as wireguard will connect on any port of your choosing......... Why 8888?

+++++++++++++++++++++++++++++++++++++++++++++++++

What I think you may be describing is
a. you have a mikrotik router with an accessible public IP which will act as your wireguard server vice the rest which are wireguard clients in terms of the initial connection.
b. you have unknown other devices, will assume none of them are mikrotik device but maybe laptops and iphones for example.
c. you have a server on the Mikrotik device.
d. you only want people to be able to reach the server via the wireguard tunnel and not via the public IP of the router.
e. you want same people to be able to use the internet of the mikrotik router via the wireguard tunnel.

I still don't get why port 8888?? Let's use 15888

+++++++++++++++++++++++++++++++++++++++++++++++
Have a thorough read as all the answers are here - viewtopic.php?t=182340

In general decide on a wireguard addressing scheme.
typically the router gets something like 10.10.10.1/24 for IP address and the rest of the clients get one similar
laptops/iphones etc.. not routers 10.10.10.X/32
other routers 10.10.10.Y/24

Then figure out the allowed IPs for each setup.
Then figure out the firewall rules for each setup
Then figure out the routes required for each setup

For single devices it's pretty easy,
allowed IP = destination address you will plug in and thus WG will permit to enter the tunnel at the device end..........
typically it's 10.10.10.0/24 { allows pinging of wg points}, and whatever subnets on the router you want access to.
However if internet is involved, this is described by 0.0.0.0/0 and already includes the two previous entries which would then not be required.
The other thing on single devices is to ensure you put a keep alive number anywhere from 15-50 seconds is fine....

The router is more complicated and thus the reading is required.

Good luck. When you have a config to show, post it here in complete form.

/export file=anynameyouwish ( minus router serial # and any public WANIP information ) no keys either LOL.
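
The allowed-IPs reasoning in the reply above, as an added example that is not part of the original thread: it checks, for a client's allowed-IPs list, which destinations enter the tunnel and which entries are already covered by a broader one such as 0.0.0.0/0. The LAN subnet 192.168.88.0/24, the server address and the profile names are constructed assumptions; 10.10.10.0/24 is the WireGuard subnet suggested in the reply.

```python
import ipaddress

def parse_allowed_ips(text):
    """Turn a comma-separated allowed-IPs value into network objects."""
    return [ipaddress.ip_network(e.strip(), strict=False)
            for e in text.split(",") if e.strip()]

def enters_tunnel(allowed_ips, destination):
    """True if the client sends traffic for `destination` into the tunnel."""
    dst = ipaddress.ip_address(destination)
    return any(dst in net for net in parse_allowed_ips(allowed_ips))

def redundant_entries(allowed_ips):
    """Entries already covered by a broader (or earlier identical) entry."""
    nets = parse_allowed_ips(allowed_ips)
    redundant = []
    for i, net in enumerate(nets):
        for j, other in enumerate(nets):
            if i == j or net.version != other.version:
                continue
            if net.subnet_of(other) and (net != other or j < i):
                redundant.append(str(net))
                break
    return redundant

# Constructed sample values (assumptions, not taken from a real config).
WG_SUBNET = "10.10.10.0/24"      # WireGuard subnet from the reply
LAN_SUBNET = "192.168.88.0/24"   # assumed subnet behind the router
SERVER = "192.168.88.10"         # assumed local server address
PROFILES = {
    "server-only": f"{WG_SUBNET}, {LAN_SUBNET}",
    "full-tunnel": "0.0.0.0/0",
    "over-specified": f"{WG_SUBNET}, {LAN_SUBNET}, 0.0.0.0/0",
}

def audit(profiles):
    """Summarise what each client profile routes through the tunnel."""
    report = {}
    for name, allowed in profiles.items():
        report[name] = {
            "reaches_server": enters_tunnel(allowed, SERVER),
            "internet_via_tunnel": enters_tunnel(allowed, "1.1.1.1"),
            "redundant": redundant_entries(allowed),
        }
    return report

if __name__ == "__main__":
    for name, result in audit(PROFILES).items():
        print(name, result)
```

The allowed-IPs list only decides what the client sends into the tunnel; what a connected peer may actually reach behind the router is still determined by the router's firewall rules and routes.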
 
e05181272
just joined
Topic Author
Posts: 3
Joined: Sun Nov 06, 2022 8:31 am

Re: Public IP with Dynamic IP using Wireguard

Sat Jan 14, 2023 9:24 am

OK, I'll try to read your topic.
Thanks
