CREATIVE CHAOS   ▋ blog

Wireguard VPN on Mikrotik

PUBLISHED ON 19/12/2021 — EDITED ON 11/12/2023 — SYSOPS
# Creating the new WG interface and generating keypair
/interface wireguard add listen-port=51820 mtu=1420 name=wireguard1

# Retrieve the public key for client configuration
/interface wireguard print

# Set adresses for wireguard1 interface and provide a route
/ip address add address=10.9.9.0/24 interface=wireguard1 network=10.9.9.0

# Set up the firewall
/ip firewall filter add action=accept chain=input dst-port=51820 protocol=udp

# Create peers
/interface wireguard peers add allowed-address=10.9.9.2/32 interface=wireguard1 public-key="public-key-obtained-from-client-configuration"