dvalilis
just joined
Topic Author
Posts: 6
Joined: Mon May 01, 2023 11:16 am

Yet another wireguard problem.

Mon May 01, 2023 11:35 am

I have been trying to figure out what I am doing wrong, but with no luck.
I have a MikroTik cloud router set up on Amazon, to which I want to connect 2-3 MikroTik clients through VPN with the sole purpose of being able to connect to their WinBox over the internet. Since I am using an Amazon server, all firewalling comes through there, where I only have the VPN port open. I have set up a WireGuard server on this CR and a Windows WireGuard client on the machine I will be using to connect and manage everything.

My WG Server config on CHR is this:
# may/01/2023 08:23:38 by RouterOS 7.9rc5
#
/interface wireguard
add listen-port=13231 mtu=1420 name=wg-server private-key="server-key"
/interface wireguard peers
add allowed-address=10.0.1.2/32 comment="home pc" interface=wg-server public-key="public-home-key"
add allowed-address=10.0.1.4/32 comment="second client" interface=wg-server public-key="public-second-mikrotik-key"

My Home client config is this:
[Interface]
PrivateKey = private-key
Address = 10.0.1.2/32
[Peer]
PublicKey = public-server-key
AllowedIPs = 10.0.1.0/24
Endpoint = vpn.amazon-server-address.gr:13231
And my to-be-remote-site MikroTik config is this:
# may/01/2023 11:29:54 by RouterOS 7.9rc5
#
# model = RB951Ui-2HnD
/interface wireguard
add listen-port=13232 mtu=1420 name=wireguard1 private-key="private-key"
/interface wireguard peers
add allowed-address=10.0.1.0/24 endpoint-address=vpn.amazon-server-address.gr endpoint-port=13231 interface=wireguard1 public-key="public-server-key"
I can ping and connect to the server through VPN from my home PC, and vice versa. It seems that I connect to the server from the RB951Ui (I get a handshake already and a connection),
but when I try to ping the server (or Windows client) I get " 0 213.16.246.6 96 254 9ms355us admin prohibited " and I get timeouts when I try to ping the RB951 from the server side or the Windows client.

Any ideas what I might be doing wrong?
