| Server: |
Port: |
Interface Name: |
| Net: |
1stIP: |
Clients: |
| Allowed Net(s): |
DNS: |
|
| ServerPrivateKey: |
||
| ServerPublicKey: |
||
Server config {{ server }}:{{ port }}
/interface wireguard
add listen-port={{ port }} mtu=1420 name={{interfacename}} private-key="{{ serverkeys.privateKey }}"
/ip firewall filter
add action=accept chain=input comment="Allow Wireguard from All" dst-port={{port}} protocol=udp
add action=accept chain=input comment="Allow DNS from Wireguard Users" dst-port=53 in-interface={{interfacename}} protocol=udp
/ip address
add address={{ network }}.1/24 comment="Wireguard Interface" interface={{ interfacename }} network={{ network }}.0
/interface wireguard peers
{{ line }}
add allowed-address={{ network }}.{{ client }}/32 comment="{{ value.name }}" endpoint-address={{ network }}.{{ client }} interface={{interfacename}} public-key="{{ value.publicKey }}" preshared-key="{{ value.preSharedKey }}"
Client configs (first ip: {{network}}.{{startip}}, count: {{ clientcount }})
[Interface]
## {{ value.name }}
Address = {{ network }}.{{ client }}/32
PrivateKey = {{ value.privateKey }}
DNS = {{ dns }}
[Peer]
PublicKey = {{ serverkeys.publicKey }}
PreSharedKey = {{ value.preSharedKey }}
AllowedIPs = {{ network }}.1/32,{{allowednets}}
Endpoint = {{ server }}:{{ port }}
PersistentKeepalive = 10