Configure Wireguard VPN between MikroTik RouterOS v7 and Microsoft Windows

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hi there this is smart haddad here again so in this video i have to show you how you can configure a wire guard vpn on the micro router so if you have a computer which is running a windows operating system then you can connect vpn to the wire guard wire guard is a new vpn that it has been added on the microtech router as version seven so from version seven you can use why guard on microtech i do have a course speaking about wildguard in details the course name is vpn tunneling on microtech with labs so there i discuss about the wire guard i explain it in details i tell you how it works and then i make two laps one for side to side and one for client to side so to show you all details about white guard but what i want to do in this video is just to show you how you can configure it using the microsoft windows so we are going to configure it on the microtech router and then we do uh have also a windows pc then to connect to it so the idea is that if you have a mic router you are going to run vpn on it then if you have a microsoft windows then you connect to that router and then you can go to the internet from that router so this is the idea my computer is on one network connection which is totally different than the one on the router so think is if like you are traveling and uh you work for a company and while you are on your business trip you want to connect to your the company to go via vpn so that's something you can use it using the wireguard so you are for example in a hotel and you just connect from the internet of the hotel vpn to your uh office router and then you can go to the internet from there because it's more secure and also to be able to send your emails reach some servers so all those things you can do so let's start directly with the configuration on the microtech router so here is my microtech router at this moment this router has internet and it is going via a public ip address so it's very important that you have a public ip address on your micro router or you are doing port forwarding to allow the wireguard port to pass to this router so anyone connecting to for example your public ipaddress your isp router will send it to the router which is the microtech router so we'll send the white card traffic to it so you can see we have white guard here we go to it and the first thing is to make wireguard interface so we create the interface i say apply then you have now the public key and the private key again that's something i speak and explain about it in my course i'm going to leave for you the link in this video so you can for registered to that course if you want to know the details and this is the listening port which needs to be arriving to this router so the vpn can be found so this is the first thing that we need to do and then i will say okay now the next thing that i want to do is to go to wirecart website and then from here i go to installation and i download and install this one for windows so this is the software that needs to be downloaded and installed for windows i have already done that to just one time and now if i go to my computer and i write wireguard now this is what i have so this is the software that needs to be on your computer but before we do that let me show you something that my computer has an ip address different than the ip address of uh of the one which is the router so if we look here on what is my ip so this is the ip address that my computer has or let's say others that my computer using to go to the internet because my computer is behind an ad and once we do the vpn we will see that this one will start by 31 will change so it will change to another ip others now how to configure that so we have to do the configuration first on the micro tick and then on the computer so first we have created this one we said apply public and private ips down there very good now what i need to do is to go to ip others and give to this interface that we have created an ip address we give it something like 172.22.0.1.24 and we put it on the wire guard you see that on this interface we put 172.22.0.1 you can choose any ip that you want and then i will say here okay now i need to configure the peers so we only have now one p which is my computer so i have to go to peers here on white guard and then i will say there is the peer so i need to put here the public key which public key the public key of the peer so we have to go to this software here and now when i say here add empty tunnel you see that it has a public key so i will copy that public key from that software and i put it there and then we have endpoint endpoint ports that's something we don't have to fill it here because that's if you are connecting to the wildguard server in my case here the router is not connecting to a wirecast server here is the server so we don't fill anything here what we need to fill here is the allowed address the allowed address means the ip that i'm going to put it for the computer on the interface for the wire card so we have chosen here if you remember 172.22.0.1 so i would say here that my computer i'll put it to 172 to 22.0.2 for example and then we can say slash 24 or slash 32 whatever so let's do it slash 32 so i'll say only this ip all right and i'll say here apply so that's all what you need to do from the router which is the server side now we have to go to the computer and from here we have first the name is very important and that's something they say to you or here if you look on the wire guard websites so they say to you somewhere i read it about here why god works by adding network interface like ethernet zero or wlan0 called w0 or wz1 wg2 or wg3 so that means we have to use this notation when we put the interface name so here we have to say w g0 now this is the uh the private key that we have we don't do anything here on the interface then on the interface we have to put the address so others equal it's gonna be 172.22.0.2 32. so that's what we have added here remember so this is the address that needs to be allowed by the vpn so i put it there also we put dns so dns equal 1.1.1.1 for example and now we have to say who is the peer so we have finished from the from that side so we have to say who is the peer so to put the peer we have also to look they put for you here a way how to do it so let's take let's take that that one so we have to say here copy and then we go to here and we have to adjust so first peer the public key what the public key here i have to put i have to put the public key of my peer which is the microtech router so we go to the microtech router and we take the public key of that microtech router copy and then i will come here and this is over here now we have to put here remember we have this is the port that we need to use one three two three one so this is the port one three two three one and the ip should be the public ip address that is on the microtech router so i will copy it and paste it so the public ipr is finished by 147. that means once we now do the wire guard we activate the link because at this moment if we look look the ip is still 31. so now when we do the vpn we should see the ip finishing by 147 and then we have the allowed addresses we have to put 0.000 what does it mean here that means that all the internet traffic is allowed so all internet traffic because we are going to go to the internet so any traffic coming from the internet to us is allowed so we keep it like this and there is one thing that i wish you to do also is very important is if we look here on the quick start they mentioned about let me check if i can find it um actually this one here and do not this one the persistent keep alive equal so i really want you to copy that one and we put it here and we give it like 10 seconds so what does it mean here because your computer is behind the net that means that whenever the 10 seconds are finished then the router will contact again the vpn on the router to tell him hey are you still alive with me so that means you will have the vpn always up and running so that's something i i like that i added always to put it for 10 seconds so so far so good this is all what i need to do now i will say save all right so let's have a look again the last time this is the ip that's correct all right so let's now activate here we go we have activated the vpn let's check first if we have internet i will go to the comment prompt first let's ping 172.60. actually 22.0.1 so i am able to reach to uh the other side let's ping 8.8.8.8 i do have internet let's ping google.com to check if the dns is working the dns is working and the last step to do let's see what is the ip now so i will refresh it here we go you see it is finishing by 147 excellent so you can see why guard is working and this is how you configure it on the microtech router and that is how you can do it on the microsoft windows if you want to do it on other platforms you just go to here and it shows you which platforms you can use it so you can see it's a really across platform vpn you can use it on all the platforms and they also guide you how you can download the packages and how to do the configuration so it works for you so this is all what i wanted to show you in this lecture i hope that this video was informative for you and i will see you in some other videos you

Info

Channel: MAICT

Views: 54,677

Rating: undefined out of 5

Keywords: wireguard mikrotik, wireguard mikrotik client, wireguard behind mikrotik, install wireguard di mikrotik, wireguard mikrotik setup, mikrotik wireguard hardware acceleration, wireguard vpn mikrotik, mikrotik wireguard dynamic ip, mikrotik wireguard server setup, mikrotik wireguard vpn server, wireguard mikrotik routeros, mikrotik wireguard nordvpn, Maher Haddad, My Network Training

Id: YZGHf70Eyj4

Channel Id: undefined

Length: 11min 33sec (693 seconds)

Published: Thu Jan 13 2022