inférence WG-Users ======== Public Key: cat4H07058+1VLQu2ns9tWGImfMx0hrHZI6F9WTsFR8= Win10 10.100.100.100 Elair-Riverra661 /interface/wireguard/peers/add allowed-address=10.100.99.101 interface=WG-Users persistent-keepalive=10 public-key= https://github.com/IgorKha/wireguard-mikrotik [i] Config available in /home/boig01/temp/wireguard/wg01/client/Laptop/wg01-client-Laptop.conf [i] QR is also available in /home/boig01/temp/wireguard/wg01/client/Laptop/wg01-client-Laptop.png [i] MikroTik peer config available in /home/boig01/temp/wireguard/wg01/client/Laptop/mikrotik-wg01-client-Laptop.rsc [i] MikroTik interface config available in /home/boig01/temp/wireguard/wg01/mikrotik/wg01.rsc [i] If you want to add more clients, you simply need to run this script another time! mikrotik/wg01.rsc ================= # WireGuard interface configure /interface wireguard add listen-port=13231 mtu=1420 name=wg01 private-key=\ "mHAePE+zX9qDM9VyN0PZ5wolk3RY7c+dZgAsOdvw/HA=" /ip firewall filter add action=accept chain=input comment=wg-wg01 dst-port=13231 protocol=udp /ip firewall filter move [/ip firewall filter find comment=wg-wg01] 1 /ip address add address=10.100.99.1/24 comment=wg-wg01 interface=wg01 # WireGuard client peer configure /interface wireguard peers add allowed-address=10.100.99.2/32 comment=\ wg01-client-Laptop interface=wg01 \ preshared-key="6V1dSygIB9cfq//EKLZmVl4qLVmKgHAqqeGQt84uvqY=" public-key=\ "gwi0ou0D2fWFcB1WNcarGHUu31DG1InGu39EryMnSGc=" client/Laptop/wg01-client-Laptop.conf ===================================== [Interface] PrivateKey = YJ+4MBqJj/uoJFatfkh5yDghJUDmigKhxiT50vMSP0A= Address = 10.100.99.2/32,fd42:55:24::2/128 DNS = 1.1.1.1,8.8.8.8 [Peer] PublicKey = Oe03xZcw+Fj0s2WwLTyg7mW7bm0p7gwKFnoNWXbciE8= PresharedKey = 6V1dSygIB9cfq//EKLZmVl4qLVmKgHAqqeGQt84uvqY= Endpoint = 172.16.16.136:13231 AllowedIPs = 0.0.0.0/0,::/0 CLIENT_PRIV_KEY=$(wg genkey) CLIENT_PUB_KEY=$(echo "${CLIENT_PRIV_KEY}" | wg pubkey) CLIENT_PRE_SHARED_KEY=$(wg genpsk) echo -e "CLIENT_PUB_KEY: $CLIENT_PUB_KEY \nCLIENT_PRE_SHARED_KEY: $CLIENT_PRE_SHARED_KEY" echo "[Interface] PrivateKey = ${CLIENT_PRIV_KEY} Address = ${CLIENT_WG_IPV4}/32,${CLIENT_WG_IPV6}/128 DNS = ${CLIENT_DNS_1},${CLIENT_DNS_2} [Peer] PublicKey = ${SERVER_PUB_KEY} PresharedKey = ${CLIENT_PRE_SHARED_KEY} Endpoint = ${ENDPOINT} AllowedIPs = 0.0.0.0/0,::/0" >>"${HOME_DIR}/${SERVER_WG_NIC}-client-${CLIENT_NAME}.conf" # Add the client as a peer to the MikroTik (to client folder) echo "# WireGuard client peer configure /interface wireguard peers add allowed-address=${CLIENT_WG_IPV4}/32 comment=\\ ${SERVER_WG_NIC}-client-${CLIENT_NAME} interface=${SERVER_WG_NIC} \\ preshared-key=\"${CLIENT_PRE_SHARED_KEY}\" public-key=\\ \"${CLIENT_PUB_KEY}\" " >"${HOME_DIR}/mikrotik-peer-${SERVER_WG_NIC}-client-${CLIENT_NAME}.rsc" # Add the client as a peer to the MikroTik echo "# WireGuard client peer configure /interface wireguard peers add allowed-address=${CLIENT_WG_IPV4}/32 comment=\\ ${SERVER_WG_NIC}-client-${CLIENT_NAME} interface=${SERVER_WG_NIC} \\ preshared-key=\"${CLIENT_PRE_SHARED_KEY}\" public-key=\\ \"${CLIENT_PUB_KEY}\" " >> "$(pwd)/wireguard/${SERVER_WG_NIC}/mikrotik/${SERVER_WG_NIC}.rsc"