opkhunter.blogg.se

Mikrotik wireguard firewall

WireGuard provides unlimited possibilities for creating private and secure networks without having to expose devices to the public internet. In this example I wanted to access the Mikrotik router configuration panel from anywhere in the world similar to how Cloud Key and Cloud Access enables it for Ubiquiti devices. Note that RouterOS already supports VPN access but not through WireGuard.

I built a solar powered Raspberry Pi used as a security camera which is connected wirelessly to a solar powered Mikrotik LTE router to access the internet through a mobile data connection. The Raspberry Pi is also running WireGuard so all we have to do is forward the incoming WireGuard traffic to a few ports on the Mikrotik router.

Setup: Mikrotik router connected to a WireGuard network through a Raspberry Pi.

Here is how to configure the Raspberry Pi acting as a WireGuard peer to do the custom routing:

1. Enable IP forwarding in the Linux kernel by uncommenting or adding net.ipv4.ip_forward = 1 in /etc/sysctl.conf to persist the setting between system restarts. IP forwarding is disabled by default on Raspbian so it’s extremely important to enable it for any of the iptables rules to work. Use sysctl -w net.ipv4.ip_forward=1 to enable IP forwarding immediately without having to reboot.

We’re routing a WireGuard peer on a network interface wg0 and an IP range of 10.200.200.0/24 to the IP address 192.168.88.1 in the local network available through the wlan0 interface.

2. First, make requests incoming on the WireGuard network interface wg0 appear as originating from the Raspberry Pi itself to the devices on the local network:

    sudo iptables -t nat -A POSTROUTING -o wlan0 -s 10.200.200.0/24 -j MASQUERADE

3. Forward the ports to the Mikrotik router at IP address 192.168.88.1:

    sudo iptables -t nat -A PREROUTING -i wg0 -p tcp --match multiport --destination-ports 80,5678,8728,8291 -j DNAT --to-destination 192.168.88.1

Port 5678 is for Mikrotik Neighbor Discovery Protocol.

Or just a single port 80:

    sudo iptables -t nat -A PREROUTING -i wg0 -p tcp --destination-port 80 -j DNAT --to-destination 192.168.88.1

This could be adjusted to forward all traffic to the Mikrotik router but then you would need a separate WireGuard peer configuration for accessing the actual Raspberry Pi through the WireGuard network.

Now you should be able to access the Mikrotik router from any device on the same WireGuard network, including the phone app.
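The iptables rules above use -A, which appends another copy every time the command is re-run, and they are not kept across a reboot unless saved. The script below is an added example, not code from the original post, that applies the same two NAT rules only when they are missing and refuses to run while forwarding is off. The function names, the `apply` argument and the `IPT` and `IP_FORWARD_FILE` overrides are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): idempotent version of the
# NAT setup. Interfaces, subnet, ports and router address are the post's.
IPT="${IPT:-iptables}"   # overridable so the logic can be exercised without root
WG_IF=wg0
LAN_IF=wlan0
WG_NET=10.200.200.0/24
ROUTER=192.168.88.1
PORTS=80,5678,8728,8291

# Append a nat-table rule only if an identical one is not already present.
# "iptables -C" exits 0 when the rule exists and non-zero otherwise.
ensure_nat_rule() {
    chain=$1; shift
    if $IPT -t nat -C "$chain" "$@" 2>/dev/null; then
        echo "present: $chain $*"
    else
        $IPT -t nat -A "$chain" "$@" && echo "added: $chain $*"
    fi
}

# The two rules from the post: source NAT towards the LAN, and DNAT of
# the management ports arriving on the WireGuard interface only.
apply_rules() {
    ensure_nat_rule POSTROUTING -o "$LAN_IF" -s "$WG_NET" -j MASQUERADE
    ensure_nat_rule PREROUTING -i "$WG_IF" -p tcp --match multiport \
        --destination-ports "$PORTS" -j DNAT --to-destination "$ROUTER"
}

# Succeeds only when the kernel is currently forwarding IPv4 packets.
forwarding_enabled() {
    [ "$(cat "${IP_FORWARD_FILE:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# Run as root with the argument "apply"; without it only the functions
# are defined and nothing on the system is changed.
if [ "${1:-}" = "apply" ]; then
    forwarding_enabled || { echo "net.ipv4.ip_forward is 0; enable it first" >&2; exit 1; }
    apply_rules
fi
```

Because the DNAT rule matches only packets arriving on wg0, the router's management ports stay unreachable from other interfaces of the Raspberry Pi.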