![]() (table=main), and if you need to force local client users to use linux internet you will need manual routes with another table and route rules. In terms of IP ROUTES, you will need manual routes to ensure users go through the wireguard to reach LInux or other SUBNETS. In terms of FIREWALL RULES, ensure on the MT Device that the subnet or users needing access to the TUNNEL are permitted in the forward chain rules. NOTE: If the intent is to solely access the internet via the LINUX server, or any combination of the above and internet you ONLY requireĠ.0.0.0/0 as the allowed IP as that covers everything. ![]() SUBNET(S) ( at any other locations connected to the linux server, devices directly connnected to the linux server or accessible via other wireguard tunnels for example). 192.168.5.0/24 (to be able to ping the linux server or any other wireguard interfaces)Ĭ. (AKA if the wireguard IP at the server LiNUX is 192.168.5.1/24 then use 192.168.5.2/24 for the Mikrotik.)Įnsure you correctly identify the ALLOWED IPs under peer settings. What is the endpoint port and endpoint public IP (could be actual IP or one defined by a dyndns name etc.)Įnsure you use keep alive setting lets say 35 seconds.Įnsure you correctly create an IP address for the wireguard interface that falls within a coordinated plan. If the Wireguard is the client its very basic. Without looking at your config the following guidance is provided: FIRST you should read this -> viewtopic.php?p=906311#p906311
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |