Hello, Now everything works! Thanks for your help! On Mon Jan 13 21:09:07 2025, k...@krot.org wrote: > > > • Maksim Rodin [2025-01-13 17:45]: > > Hello. > > I recently got a wireguard config from my friend, he wanted to test his > > wg endpoint setup on a mikrotik router: > > --- > > [Interface] > > PrivateKey = *** > > Address = 172.16.2.201/32 > > DNS = 172.16.1.11 > > [Peer] > > PublicKey = *** > > AllowedIPs = 172.16.1.0/24 > > Endpoint = some_ip:62391 > > PersistentKeepalive = 25 > > --- > > > > Address and AllowedIPs sections seemed a bit weird to me but my friend > > confirmed these parameters were correct and he was using a similar config > > on a Windows machine with only a different Address parameter: > > Address = 172.16.2.2/32 > > > > Nevertheless after I got the config in a text form > > I made a /etc/hostname.wg1 from its content like this: > > --- > > wgkey *** > > wgpeer *** wgendpoint some_ip 62391 wgaip 172.16.1.0/24 > > inet 172.16.2.201/32 > > up > > !route add -inet 172.16.1.0/24 -static -iface 172.16.2.201 > > > --- > > > > I did "sh netstart wg1" and my friend confirmed that I was connected to > > his mikrotik router but I was not able to access any resources in the > > 172.16.1.0/24 network. > > > > Could there be any tricks on mikrotik router that allow to translate my > > queries > > from 172.16.2.201/32 network access resources in 172.16.1.0/24? > > How can it be that such a config works on Windows but cannot work on > > OpenBSD? > > wireguard on windows would add entries to your routing table (i think > there's an option for that), on openbsd you have to arrange for your routing > yourself. you may try running this command: > > route add -inet 172.16.1.0/24 -static -iface 172.16.2.201 > > to persist the configuration, add the line provided above to the > hostname.wg1. > > > I use OpenBSD 7.6 amd64 stable. > > >
-- Best regards Maksim Rodin С уважением, Родин Максим
