![]() Also, remember to exchange the server's public key for the appropriate one. Remember to quote your keys, otherwise the = sign messes up the command. interface/wireguard/peers/add allowed-address=0.0.0.0/0,::/0 endpoint-address=193.32.249.66 endpoint-port=51820 interface=mullvad-upstream public-key="UrQiI9ISdPPzd4ARw1NHOPKKvKvxUhjwRjaI0JpJFgM=" We'll transform this into MikroTik commands: /interface/wireguard/add private-key="#privkey#" name=mullvad-upstream PublicKey = UrQiI9ISdPPzd4ARw1NHOPKKvKvxUhjwRjaI0JpJFgM= Just generate it in the web interface and download the appropriate config file for your preferred server. ip/address/add address=10.0.60.1/24 network=10.0.60.0 interface=mullvadįor this step you'll have to access to generate a WireGuard key pair. interface/vlan/add vlan-id=60 interface=bridge1 name=mullvad In my case this VLAN is called mullvad and the router has the address 10.0.60.1/24 for that VLAN. The first step consists of creating the VLAN that should access the internet via the VPN. Please read, understand and if necessary modify these commands before blindly copy-pasting them into your terminal.Īll of these settings are also manageable through the web/WinBox interface and should have the same names. Beware that this article contains some custom Mullvad magic though. In theory this should work with all VPN providers that allow you to connect via WireGuard, which seem to be most of them. There are some guides to do this online, but they all seem overly complicated, using VRFs, or unnecessary many firewall rules. My use case are a special guest WiFi for clients I don't trust as much, but also services like Radarr. ![]() ![]() Today I spent a few hours getting a VLAN to work that routes via Mullvad to the Internet.
0 Comments
Leave a Reply. |