📛Secure fast and easy VPN on MikroTik with Wireguard. This is CRAZY v7.1.1 [Re-upload]📛

37 comments

1. Wireguard docs:

   https://www.wireguard.com/papers/wireguard.pdf

2. does mikrotik hEX support Wireguard? I am unable to find WireGuard option on my router

3. I am not sure setting-up the site to site VPN using Wireguard is less hassle, than using an IPSEC connection. What is an advantage here, apart from IPSEC not being a real interface?

4. Hello. I would like to know if it is possible to use wireguard between two site, however, I have only one static public ip in the HQ-Mikrotik office and I have a dynamic ip in the SITE-Mikrotik office. Thanks A.

5. Just gloss over the Mikrotik Wiregard interface. Kind of need step one.

6. Hi, but I need configure my Mikrotik as Wireguard CLIENT 🙁

7. Hi Berg, What if your remote sites do not have a WAN IP, but my server have a PUBLIC IP, how can we setup WIREGUARD?

8. hi wireguard can blocked very simple with ISP do you have any solution?

9. Would be happy for some spped comparising in terms of Wireguard vs OpenVPN vs SSTP vs IpSec vs L2TP/IpSec, just to understand it also performance wise.

10. Otherwise excellent but peer endpoint IP on server glossed over… Did you just put a random IP there? What is the point of configuring an endpoint to the server for a client. Can't we just leave it blank? If I understood this right that makes the device (mikrotik) initiate the connection and it would just try to hammer that IP, in your case 192.168.149.1

    I'm having a hard time getting an iPhone to work. Androids and other routerboards work just fine.

11. Well done, I've tried setup wireguard to my VPS as server and mikrotik as client / peer but as I'm very new to this I got stuck at allowed IP to pass through but no internet connection, but I think I understand more after this video, will give it a go. thanks… hou so aan, Dankie

12. Sorry guys im not getting something. I have an Iphone 13 with latest WG client get solid connection but only inbound packets. Cant seem to get anything to route back to the WG client. To make things more complicated my ROS7 is stuck behind carrier NAT with a Forward although that is not seeming the problem. TNG can you please help we numpties with a remote IOS example for road warriors

13. hey guys. i want to connect my modem to router and config vpn on it then when i connect to router with wifi it tunnel the whole internet and i dont need to use vpn on my device. what should i do?

14. Where did the end point come from? Seems a bit fast of a presentation… Clearly im slow

15. Hello Mr Berg,

    I am having 2 queries which i will ask one by one

    a. How you added VPC in this topology which is acting as your pc? is this a feature in eve-pro edition? i am using community edition right now is v2.0.3-112

    b. Strange problem on my office pc, Everytime i need to disable/enable vmnet (NAT) or vmnet (internal) or RadminVPN network adapters then it starts working, before that they send traffic but receive remains on 0. i have reinstalled vmware but still problem as it is. Any suggestions?

    Thanks in Advance
    PST

16. hello sir i see that the End Point on the peer should put with an a WAN IP address but my home WAN IP are dynamic so after reboot the router the WAN IP will change the IP, so what is the solution for me bcoz im already make a static ip but the ISP wont make me connect to the Internet and should i use the cloud public IP address (ROuter behind the NAT,Remote Connection Might not Work)? Im using a Prepaid Sim card Internet.

17. Hi! I need to ask that, can we user two separate mikrotik pppoe routerboards on a single network?

18. This video is great! But what if we want VPN from client to site router, but HQ router is not a Mikrotik router?

19. Hello again!
    What if i have 2 routers connecting to main router. Do i have to create for each one new wireguard interface on main router?

20. Good video…..you got a good grasp of this tech. Did I miss a video about putting MT 7 on Eve? I thought only certain versions of 6 would work on Eve?

21. could you give me some advice on how to set up an RB5009 and an LDF LTE6 in my home lab config? Id be very grateful from one saffer to another.

22. Do you really need specify Endpoint and port at 7:07?

23. Hello!
    Thank you for your video. Do i have to configure firewall rules for proper Wireguard running?

24. on android sir

25. Hi @The Network Berg, nice video! Just a question for you, the endpoint address in Peer is the WAN ip address of my entire network or the ip address of the mikrotik? I am talking about server side here. Thank you!

26. Is there actually the possibility to support you once?
    Had already written to you once directly via Discord.

    Greetings Markus

27. This looks very cumbersome. I dont understand why its implied its easy to setup. OpenVpn much easyer to setup, atleast on the client you just import a file containing the keys and server ip. You dont have to write and know any commands as a user.

28. Glad to hear you talk about putting an IP on the WG interface. While researching and reading posts on the MT forums, I found were MT Rep's were saying that you don't "Need" to put an IP on there. Which, in order to connect, is true. However, could not route to save my life (setup with OSPF). It wasn't until I put an IP on the WG Interface that everything started working (to clarify, this is a connection between my MT router and my Android phone). Now things work great.

29. Actually found this video confusing. Why do you assign a listening port on the client PC. Why do you use two different WANIP (endpoint addresses for the MT Server router – one for the pc client and one for the Server Client)? Would make sense if you were doing this intentionally and stating a scenario, lets say your Main Router has two public IPs, you can use each for a wg interface etc………

30. Thanks for the updated video!

31. I have a working "triangle" setup of wireguard networks connected. I really like the ease of setup, but one MAJOR bummer is that you need to restart both peers if one of them is on a dynip. I'm trying a workaround with netwatch, but I'd very much prefer an automatic solution

32. Excellent explanation but unfortunately doesn't help me. I have a VPS running wireguard, all working fine. I'm behind CGNAT so got a little Hex MT and tried to connect it to my VPS wireguard. I'm sure it's a routing problem but buggered if I can get it to work. So… a video on connecting MT with wireguard to VPS wireguard would be very helpful (for me and probably others). After that I'm hoping to set up a pair of Audience MT's to mesh network my home but baby steps at first.

33. can DDNS be used instead of static IPs as peers endpoints?

34. you didnt answer my question on another video, so here it is again. i have very poor bandwidth performance and i dont know why/. (over the internet). my ISP speeds are very good, but not through the tunnel. any idea why?

35. I use a cell phone provider for internet access from home/home office. They do not provide me with a routable IP at the edge router. It is a 10.x.x.x/y address. I am working on starting up a WISP and want to be able to VPN into my home/home network as well as the systems at my WISP tower(s). They are a completely different network and ISP providing my uplinks. It seems from this video that this can be done – with the exception that I haven't found a solution to initial a tunnel into my home/home office network due to the private IPs being supplied to me by the cell provider. Will this Wireguard solution work in that scenario? Or would it be limited to initiating from home/home office – but not the other way around?

36. This seems like a lot of work compared to L2TP/IPsec roadwarrior setup. Instead of static routes could you use OSPF?

37. So fast to implement feedbacks. 😊

Comments are closed.