# Creating the new WG interface and generating keypair
/interface wireguard add listen-port=51820 mtu=1420 name=wireguard1
# Retrieve the public key for client configuration
/interface wireguard print
# Set adresses for wireguard1 interface and provide a route
/ip address add address=10.9.9.0/24 interface=wireguard1 network=10.9.9.0
# Set up the firewall
/ip firewall filter add action=accept chain=input dst-port=51820 protocol=udp
# Create peers
/interface wireguard peers add allowed-address=10.9.9.2/32 interface=wireguard1 public-key="public-key-obtained-from-client-configuration"
See Also