yradunchev · April 30, 2023 13:20 · Apr 30, 2023 · Apr 30, 2023
diff --git a/mikrotik wg vpn b/mikrotik wg vpn
@@ -4,19 +4,19 @@
     endpoint-port=51820 interface=vpn persistent-keepalive=25s \
     public-key="<replace_with_endpoint_public_key>"
 
-/ip address
+/ip address \
 add address=<replace_with_vpn_client_address> interface=vpn network=<replace_with_vpn_client_address>
 
-/ip firewall nat
+/ip firewall nat \
 add action=masquerade chain=srcnat out-interface=vpn
 
 /routing table add name=wg-vpn fib
 
-/ip firewall mangle
+/ip firewall mangle \
 add action=mark-routing chain=prerouting comment="Device based VPN" \
     new-routing-mark=wg-vpn passthrough=yes src-address-list=device-based-vpn
 
-/ip firewall address-list
+/ip firewall address-list \
 add address=192.168.88.72 list=device-based-vpn
 
 /ip route

diff --git a/mikrotik wg vpn b/mikrotik wg vpn
@@ -0,0 +1,25 @@
+/interface wireguard add listen-port=51820 mtu=1420 name=vpn
+
+/interface wireguard peers add allowed-address=0.0.0.0/0 comment=vpn-peer endpoint-address=<replace_with_vpn_server_ip> \
+    endpoint-port=51820 interface=vpn persistent-keepalive=25s \
+    public-key="<replace_with_endpoint_public_key>"
+
+/ip address
+add address=<replace_with_vpn_client_address> interface=vpn network=<replace_with_vpn_client_address>
+
+/ip firewall nat
+add action=masquerade chain=srcnat out-interface=vpn
+
+/routing table add name=wg-vpn fib
+
+/ip firewall mangle
+add action=mark-routing chain=prerouting comment="Device based VPN" \
+    new-routing-mark=wg-vpn passthrough=yes src-address-list=device-based-vpn
+
+/ip firewall address-list
+add address=192.168.88.72 list=device-based-vpn
+
+/ip route
+add check-gateway=none comment="wg-vpn mark" disabled=no distance=10 \
+    dst-address=0.0.0.0/0 gateway=vpn pref-src="" routing-table=wg-vpn \
+    scope=30 suppress-hw-offload=no target-scope=10
No results found