I wanted to connect my dedicated Hetzner Proxmox box ("remote") to my home IP.
Networks:
- Home has 10.0.40.0/24 and 10.0.60.0/24
- Remote has 10.0.101.0/24
At home I created the following on my MikroTik:
/interface wireguard
add listen-port=51810 mtu=1420 name=wireguard1
/interface wireguard peers
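# The peer on the home router is the remote box: use the remote's endpoint and the remote's public key.
add allowed-address=10.0.101.0/24,10.0.100.0/24 endpoint-address=ip.remote.ip.here endpoint-port=51811 interface=wireguard1 public-key="XXX-PUB-REMOTE-XXX"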
/ip address
add address=10.0.100.10 interface=wireguard1 network=10.0.100.0
/ip firewall filter
add action=accept chain=input comment=Wireguard dst-port=51810 in-interface-list=wan log=yes log-prefix=WGLOG protocol=udp
add action=accept chain=forward comment="OK: Wireguard to other vlans" in-interface=wireguard1 log=yes log-prefix=WGFW out-interface=vlan_srv
/ip route
add disabled=no dst-address=10.0.100.0/24 gateway=wireguard1 routing-table=main suppress-hw-offload=no
add disabled=no dst-address=10.0.101.0/24 gateway=wireguard1 routing-table=main suppress-hw-offload=no
Then on the remote side, first generate the keys (the public key printed at the end is the one the MikroTik peer entry needs):
apt install wireguard
cd /etc/wireguard/
# Restrict permissions before the key file is created, so it is never world-readable.
umask 077
wg genkey > private.key
chmod 0600 private.key
wg pubkey < private.key > public.key
cat public.key
We need a config:
# cat /etc/wireguard/wg0.conf
[Interface]
Address = 10.0.100.11/32
SaveConfig = true
ListenPort = 51811
PrivateKey = XXX-PRIV-REMOTE-XXX
[Peer]
PublicKey = XXX-PUB-HOME-XXX
AllowedIPs = 10.0.40.0/24, 10.0.60.0/24
Endpoint = ip.home.ip.here:51810
Start interfaces and it works!
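WireGuard only accepts a packet from a peer when its source address falls inside that peer's AllowedIPs, so it is worth checking both ends against the addresses each side can actually send from. The following is an added example, not part of the original setup; it assumes that traffic originating on the MikroTik itself uses the tunnel address 10.0.100.10 as its source, and the helper names are hypothetical.

```python
import configparser
import ipaddress

# Constructed sample: the remote wg0.conf from this page, keys left as placeholders.
REMOTE_CONF = """
[Interface]
Address = 10.0.100.11/32
SaveConfig = true
ListenPort = 51811
PrivateKey = XXX-PRIV-REMOTE-XXX
[Peer]
PublicKey = XXX-PUB-HOME-XXX
AllowedIPs = 10.0.40.0/24, 10.0.60.0/24
Endpoint = ip.home.ip.here:51810
"""

def allowed_ips(conf_text):
    """Return the [Peer] AllowedIPs of a single-peer wg-quick config as networks."""
    cp = configparser.ConfigParser(delimiters=("=",))
    cp.read_string(conf_text)
    raw = cp["Peer"]["AllowedIPs"]
    return [ipaddress.ip_network(n.strip()) for n in raw.split(",")]

def uncovered(expected_sources, allowed):
    """Peer-side prefixes whose packets this end would drop (no AllowedIPs match)."""
    missing = []
    for src in expected_sources:
        net = ipaddress.ip_network(src)
        if not any(net.subnet_of(a) for a in allowed):
            missing.append(src)
    return missing

# Source prefixes each end can send from, per the page's addressing.
# Assumption: router-originated traffic uses the tunnel address as source.
HOME_SOURCES = ["10.0.100.10/32", "10.0.40.0/24", "10.0.60.0/24"]
REMOTE_SOURCES = ["10.0.100.11/32", "10.0.101.0/24"]
# allowed-address of the peer entry on the MikroTik.
HOME_ALLOWED = [ipaddress.ip_network(n) for n in ("10.0.101.0/24", "10.0.100.0/24")]

if __name__ == "__main__":
    print("remote drops from home:", uncovered(HOME_SOURCES, allowed_ips(REMOTE_CONF)))
    print("home drops from remote:", uncovered(REMOTE_SOURCES, HOME_ALLOWED))
```

With the page's values, the LAN-to-LAN prefixes are covered in both directions, while the home tunnel address 10.0.100.10 is not in the remote's AllowedIPs, so the remote would not accept packets sourced from the router itself.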