Page 1 of 1

Connect two Mikrotik with gray IP using WireGuard

Posted: Tue Mar 26, 2024 9:46 pm
by DyadyaGenya
Hi all. There is a need to connect two Mikrotik that have gray IPs. I understand that I need to find a server/site that would provide a similar service, that is, build a WireGuard server on its own. Preferably free. Everything that I managed to look at gives the opportunity to set up a WireGuard VPN connection, which would hide my IP address from which I am currently accessing the Internet. For example, here (proton vpn)
https://protonvpn.com/support/wireguard ... k-routers/
Using their detailed instructions, it’s easy to set up a regular VPN. But at the moment I haven’t found anyone how to connect two Mikrotik with gray addresses.
Perhaps tell me how this can be done based on the instructions above, or give me a link to another resource that makes this type of connection.

Re: Connect two Mikrotik with gray IP using WireGuard

Posted: Tue Mar 26, 2024 11:41 pm
by anav
What do you mean by gray addresses? I am only familiar with mauve addresses.

https://help.mikrotik.com/docs/display/ROS/Back+To+Home

Re: Connect two Mikrotik with gray IP using WireGuard

Posted: Wed Mar 27, 2024 12:19 am
by DyadyaGenya
What do you mean by gray addresses? I am only familiar with mauve addresses.

https://help.mikrotik.com/docs/display/ROS/Back+To+Home
Something I didn't think about. We have a tradition of calling them Grays. Gray ones are, in other words, dynamic Internet addresses. Which change after reconnection. Such addresses are primarily used by mobile Internet operators and others. Therefore, BTH is unlikely to help.
The Internet is full of instructions on how to connect two Mikrotik, if at least one has a static address, that is, white. They write that if you need to connect two Mikrotik with dynamic addresses, then you need to use a third-party service or start a VPS with WireGuard installed on it. But I don’t want to set up a VPS right now. Moreover, it is paid.

Re: Connect two Mikrotik with gray IP using WireGuard

Posted: Wed Mar 27, 2024 12:56 am
by MakroTok
Without really knowing I'd assume you'd have to configure both sied as if they'd be road warriors to each other...
Or like site-to-site but with DDNS names instead of IPs (which finally would be the same)

Re: Connect two Mikrotik with gray IP using WireGuard

Posted: Wed Mar 27, 2024 4:32 am
by anav
Gray=Dynamic?

In that case do either of the two connections provide a PUBLIC IP, to your MT router, OR to an upstream IP router, that you can forward a port on??

Re: Connect two Mikrotik with gray IP using WireGuard

Posted: Wed Mar 27, 2024 8:36 am
by holvoetn
As long as the address is publicly reachable, it doesn't really matter if it's static or dynamic.

Re: Connect two Mikrotik with gray IP using WireGuard

Posted: Wed Mar 27, 2024 11:23 am
by pajapatak
Would ZeroTier be an option here? https://help.mikrotik.com/docs/display/ROS/ZeroTier

Re: Connect two Mikrotik with gray IP using WireGuard

Posted: Wed Mar 27, 2024 12:59 pm
by anav
Gray=Dynamic?

In that case do either of the two connections provide a PUBLIC IP, to your MT router, OR to an upstream IP router, that you can forward a port on??
Question asked and not answered ????

Re: Connect two Mikrotik with gray IP using WireGuard

Posted: Wed Mar 27, 2024 1:42 pm
by Kanzler
A “gray” IP address typically refers to IP addresses that cannot be directly accessed from the Internet and are used in local networks such as home or office networks. These addresses are within reserved IPv4 ranges (e.g., 192.168.x.x) and cannot be used to communicate with external networks directly without using NAT or similar technologies. So it's not entirely clear what OP meant by that.

Re: Connect two Mikrotik with gray IP using WireGuard

Posted: Wed Mar 27, 2024 1:57 pm
by anav
I was of the understanding that BTH can very much handle two non-publicly accessible ISPs and upstream routers are not accessible to port forward to the MT device. ( static or dynamic is a bogus concern ). Zerotier is also a viable solution but one is going through a third party provider, whereas BTH is going through a third party provider which is MT.