Mikrotik preparation and configuration
Mikrotik WireGuard VPN module WISECP
Order now | Download | FAQ
Note: Enter the following commands one by one and wait for the command to complete.
Check RouterOS version
Make sure that the version of RouterOS is 7+
system/package/print
Enabling HTTPS Create your own root CA on your router
/certificate
add name=LocalCA common-name=LocalCA key-usage=key-cert-sign,crl-sign
Sign the newly created CA certificate
/certificate
sign LocalCA
Create a new certificate for Webfig (non-root certificate)
Note: as common-name=XXX.XXX.XXX.XXX You enter public IP adddress of the router.
/certificate
add name=Webfig common-name=XXX.XXX.XXX.XXX
Sign the newly created certificate for Webfig
/certificate
sign Webfig ca=LocalCA
Enable SSL (www-ssl) and specify to use the newly created certificate for Webfig
/ip service
set www-ssl certificate=Webfig disabled=no
Enable api-ssl and specify to use the newly created certificate for Webfig
/ip service
set api-ssl certificate=Webfig disabled=no
Enable WireGuard VPN server
Add IP address on Wireguard interface
Configuring NAT rules on the firewall
No Comments