![]() I will be using the IP addresses I got, please substitute with your own. The IPv6 gateway is the IPv6 address we got in the config but ends on ::1. The IPv4 gateway is the SOCKS5 proxy address as listed in the server list, for de8 this would be which, right now, resolves to 10.124.1.24. Sadly this is not documented by Mullvad as of right now so I did some testing and sniffing. What we are missing to make this work with Mikrotik is the internal gateway IP of mullvad. The IPv4 address we can use as is, the IPv6 address we have to change the subnet to /64. Under the section we find the Address parameter. We will again take most infos we need from the config file we got earlier. Next, we will set up the IPv4 and IPv6 addresses, then add a new routing table and add the default route. Please double check, that the parameters are still the same when you follow this guide. Is the port WireGuard is running on, on the mullvad server allowed-addressĪre all networks reachable through the WireGuard peer, we want to use the peer as for everything here ![]() Is the external IP of the mullvad server endpoint-port Is the public key of the mullvad server endpoint-address Is the interface name we chose earlier public-key All infos we need for this are in the config file we downloaded earlier.Īt the time of writing this guide the command would look like this /interface/wireguard/peers/add interface=mullvad public-key="XIge3HgGEHf52e4Jpzk8iFOrrp6q7trq0udhufFlDVo=" \Įndpoint-address=185.209.196.67 endpoint-port=51820 allowed-address=0.0.0.0/0,::/0 interface With the interface all set we are ready to add the WireGuard peer, in this example we will be using WireGuard server de8. The public key shown by the print command should match the public key in the key list of the WireGuard-config generator. Public-key="1Aebyd1hmTveMDpBsc9dUg0brOke/dQTrztou/0e5Dw=" To verify, we can use the command > /interface/wireguard/print detailĠ R name="mullvad" mtu=1420 listen-port=35044 private-key="gCsS9ao/s1i0 1vsB3qYGagDZlhL0TQPdL4b/yyvJWc=" Where is the private key Mullvad generated. In the RouterOS terminal then execute the command /interface/wireguard/set mullvad private-key="" To do so we open the config file in a text editor and copy the value of PrivateKey = * under the * section. We need to now set the private key of the router to the one generated by Mullvad. In the WireGuard-config generator click on generate key, then chose a country, city and server from the three drop down fields in section 3. ![]() Open the config file in a text editor and jump to 1.3) WireGuard peer setup. Platform and DNS Server (section 1 and 4) don't matter to us right now so we leave them as default, when done hit Download file at the bottom. Lastly, chose a country, city and server from the three drop down fields in section 3. When it is correctly pasted the key list should show the interface's public key. In the WireGuard-config generator extend the Manage keys section and past the private key into the bottom field, then click Import key. In this example it would be gF iGVw1T/njKC2 AE8kZeQ/3/0gNAe6YumPQwMFhXY= ![]() Public-key="Pvxe8aXKmdLIzd5u7u62PDSoQezy6XtIzteCD5w06Xw="įrom the output copy the private-key= value for the mullvad interface. In the RouterOS terminal enter > /interface/WireGuard/print detailĠ R name="mullvad" mtu=1420 listen-port=38044 private-key="gF iGVw1T/njKC2 AE8kZeQ/3/0gNAe6YumPQwMFhXY=" There we need to either 1.1) Upload our key, or 1.2) Mullvad generates a key for us. Then open the WireGuard-config generator. In the RouterOS terminal enter /interface/WireGuard/add name=mullvad If you are using RouterOS 7.2 or latere read my other post first! 1) Interface Configurationįirst, we need a WireGuard interface. So in this post I will explain how I setup my Mikrotik CHR to use Mullvad VPN with WireGuard, implement a kill-switch and use the Mullvad DNS. When looking through the VPN services GL iNet suggests I stuck with Mullvad. After getting a GL iNet travel router and Mikrotik releasing RouterOS 7 I thought it's time to look at a 24/7 VPN connection again.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |