5/15/2023 0 Comments Mikrotik chr azureI can connect to the CHR but i fail to reach the other azure vm: I then enabled the tipical rules i use, LAN/WAN interface lists (WG and ethernet2 are LAN, ethernet 1 is WAN) allowed external access to wireguard ip, and configured wireguard as i already know (i used 10.0.9.0/24 for wireguard. The CHR can ping my azure vm that shares the 10.0.0.0/24 address space. Then i added a 2nd interface to the CHR VM:Įthernet1: 10.1.0.0/24 address range and public ipĮthernet2: 10.0.0.0/24 address range and no public ip ![]() My azure interface had only the option of using the 10.0.1.0/24 ip range. My idea is/was to only expose the WG port and allow CHR management either from WG or the azure VM (which would share LAN with the CHR).ĭo I need a WAN interface and "normal" firewall settings in this case? (CHR would be behind Azure's firewall) Here, I would only use the CHR for wireguard (office/guardpost/road warriors would connect to it, gaining access to the azure VM AND the office network). I am accustomed to mikrotiks with 5 interfaces (1 as WAN, 4 in bridge) for home/small office use (no plans). ![]() ![]() Should I add another in a different network to use as WAN and the current one (same as the sole azure VM they use) be left as LAN? ![]() The VM has only one physical (well, virtual) interface. I could go Linux, but I like Mikrotik and made a CHR instance. I help an ONG (got them an azure sponsorship), and since they can't get a public IP (ISP gives them a fake public IP behind double Nat), I thought about setting up a VM to be their Wireguard "core". I've been using Mikrotik for personal stuff for ages, and recently learned about Wireguard after the V7 upgrade
0 Comments
Leave a Reply. |