Skip to main content
All CollectionsRouters
Site-to-Site VPN with Mikrotik router using wg plugin
Site-to-Site VPN with Mikrotik router using wg plugin
M
Written by Majid Chebil
Updated over a week ago

Network Topology:

Configuration Steps:

Router 1 (Site A) configuration:

Step 1: Access Mikrotik Router and log in to the Mikrotik router

Step 2: Create WireGuard Interface

  1. Go to Interfaces > Add New > WireGuard

  2. Configure the following: Name, Listen Port, private and public keys will be generated automatically.

3. Click Apply and OK.

Step 3: Set IP Address for WireGuard Interface

  1. Navigate to IP > Addresses.

  2. Add a new IP address for the WireGuard interface (wg-client)

Step 4: Add WireGuard Peer

  1. Go to WireGuard > Peers.

  2. Add a new peer for Site A

Step 5: Configure Routes

  1. Go to IP > Routes.

  2. Add a route to Site B’s local network through the WireGuard interface

Step 6: Add a NAT Rule

  1. Navigate to IP > Firewall > NAT tab.

  2. Add a new NAT rule:

Router 2 (Site B) configuration:

Step 1: Access Mikrotik Router log in to the Mikrotik router

Step 2: Create WireGuard Interface

  1. Go to Interfaces > Add New > WireGuard

  2. Configure the following: Name, Listen Port, private and public keys will be generated automatically

^

3. Click Apply and OK.

Step 3: Set IP Address for WireGuard Interface

  1. Navigate to IP > Addresses.

  2. Add a new IP address for the WireGuard interface (wg-plugin)

Step 4: Add WireGuard Peer

  1. Go to WireGuard > Peers.

  2. Add a new peer for Site B which is Site A using its public key

Step 5: Configure Routes

  1. Go to IP > Routes.

  2. Add a route to Site B’s local network through the WireGuard interface

Step 6: Add a NAT Rule

  1. Navigate to IP > Firewall > NAT tab.

  2. Add a new NAT rule:

PING TEST

Go to Tools> Ping

Pinging test from router A to router's B VPC:

Pinging test from router B to router's A VPC:

Did this answer your question?