So you suggest to go like this?Sorry my bad on the TYPO, WG1 is the correct entry on the routing rule to match the routing-table defined.
Good then
put IP addresss on your router for wireguard1 as
add address=192.168.32.20/24 interface=wireguard1 network=192.168.32.0
/interface wireguard
add listen-port=13231 mtu=1420 name=wireguard1 private-key=”your private key”
/ip address
add address=192.168.32.20/24 interface=wireguard1 network=192.168.32.0
/routing table
add fib name=via-WG1
/interface wireguard peers
add allowed-address=0.0.0.0/0 endpoint-address=5.172.196.95 \
endpoint-port="endpointadress" interface=wireguard1 persistent-keep-alive=30s \
public-key="public_key_of_provider"
/ip dhcp-server network
add address=192.168.13.0/24 dns-server=192.168.32.1 gateway=192.168.13.1
/ip dns
set allow-remote-requests=yes servers=1.1.1.1
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
add action=masquerade chain=srcnat out-interface=wireguard1
/ip firewall mangle
add action=change-mss chain=forward comment="Clamp MSS to PMTU for Outgoing packets" \
new-mss=clamp-to-pmtu out-interface=wireguard1 passthrough=yes protocol=tcp tcp-flags=syn
/ip route
add check-gateway=ping distance=1 dst-address=0.0.0.0/0 gateway=19.168.1.1 routing-table=main
add distance=5 dst-address=0.0.0.0/0 gateway=19.168.2.1 routing-table=main
add dst-address=0.0.0.0/0 gateway=wireguard1 routing-table=via-WG1
/routing rule
add action=lookup src-address=192.168.13.0/24 table=via-WG1
3. As long as both WAN interfaces are interface list members of the interface list=WAN, no need for anything extra.
Let me check that on the mikrotik how its done
i suppose the image i uploade is ok.
Statistics: Posted by LeoNaXe — Mon Mar 18, 2024 11:05 pm