I tested producing a QRcode locally using Python's qrencode including:[Req] Please add a Wireguard/Peer field for Client AllowedIPs.
I have quite some VPN clients that only to send certain traffic over the VPN and right now it's an annoyance that the QR code always includes a AllowedIPs: 0.0.0.0/0, ::/0 since their WG server isn't even set up to route WG traffic to the internet.
Currently the Docs (https://help.mikrotik.com/docs/display/ROS/WireGuard) read:
*AllowedIPs configuration that is provided to the client through WireGuard peer export (configuration file or QR code) can not be changed and will be "0.0.0.0/0, ::/0" at the moment. If it is necessary to change these values on remote end, then that is up to the remote peer software used for WireGuard connection.
It seems to me that the whole point of generating QR codes is to simplify config distribution and AllowedIPs is a critical field. I can't think of one but is there a reason to rely on editing the setting in the peer's interface rather than including it in the QR code?
Code:
AllowedIPs = 10.0.0.0/24,172.16.100.0/24Statistics: Posted by Edified — Wed Jun 12, 2024 9:30 pm