wiki:wireguard

Wireguard Open_WRT client

File in /etc/config/network

root@OpenWrt:/etc/config# tail -15 network 

config interface 'wg0'
        option proto 'wireguard'
        option private_key 'kMtWcqDKWPBpZtZMotZhK7ebgYhHdsE5ZQ5DbjxTeEs='
        list addresses '10.20.0.13/32'

config wireguard_wg0
        option description 'wg_chr'
        option public_key 'a1vzyij5prL27dz/0lcUmMR5BPEh7KRqCvMMcPIeUB0='
        list allowed_ips '10.20.0.0/24'
        option route_allowed_ips '1'
        option endpoint_host '1x.xx.yy.zz'
        option endpoint_port '12345'
        option persistent_keepalive '25'

root@OpenWrt:/etc/config# 
  1. general setting, then generate new key pair, then replace ONLY private key that gave by Mikrotik. Don't change the published key since it is not use after generate key pair
  1. don't forget to allow firewall
  1. edit peer config put the publish key given by Mikrotik

On Mikrotik config only

[Interface]
PrivateKey = kMtWcqDKWPBpZtZMotZhK7ebgYhHdsE5ZQ5DbjxTeEs=
Address = 10.20.0.13/32
DNS = 8.8.8.8, 1.1.1.1

[Peer]
PublicKey = a1vzyij5prL27dz/0lcUmMR5BPEh7KRqCvMMcPIeUB0=
AllowedIPs = 10.20.0.0/24
Endpoint = 1x.xx.yy.zz:12345
Last modified 4 months ago Last modified on 03/06/25 16:38:55

Attachments (3)

Download all attachments as: .zip