Last active
August 22, 2024 10:17
-
-
Save olex0r/abd82935932b75e205f134417a4e99b5 to your computer and use it in GitHub Desktop.
Mikrotik wireguard client as default gateway
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # You should change "XX.XX.XX.XX" to you wireguard server | |
| # and set public-key,private-key,preshared-key,"YY.YY.YY.YY/YY" according to your config | |
| /interface/wireguard/add name=wg0 private-key="[PRIVATE_KEY_HERE]" | |
| /interface/wireguard/peers/add interface=wg0 endpoint-address=XX.XX.XX.XX endpoint-port=12321 public-key="[PUBLIC_KEY_HERE]" preshared-key="[PRESHARED_KEY_HERE]" persistent-keepalive=25s allowed-address=0.0.0.0/0 | |
| /ip/address/add interface=wg0 address=YY.YY.YY.YY/YY | |
| /ip/route/add dst-address=XX.XX.XX.XX comment=wgserver disabled=yes | |
| /ip/route/add dst-address=0.0.0.0/0 gateway=wg0 | |
| /ip/dhcp-client/add add-default-route=no interface=ether1 script=":local route [/ip route find comment=\"wgserver\"]\r\ | |
| \n:if (\$bound=1) do={\r\ | |
| \n /ip route set \$route gateway=\$\"gateway-address\" disabled=no\r\ | |
| \n} else={\r\ | |
| \n /ip route set \$route disabled=yes\r\ | |
| \n}" use-peer-dns=no use-peer-ntp=no | |
| /interface/list/member/add interface=wg0 list=WAN | |
| /ip/dns/set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Change the parameters according to your settings and your mikrotik will send all traffic through wireguard.