WireGuard VPN Configuration for MikroTik Router

for VPN Unlimited users

How to Install VPN Unlimited on Different Platforms & Create KeepSolid ID

 

Detailed installation guides on different platforms:

 

How to create a new KeepSolid ID

  1. After installing the VPN Unlimited app, you will see the line "Create KeepSolid ID", сlick on it to start the process.
  2. Enter your email address in the designated field.
  3. Create a password and enter it in the password field.
  4. Repeat your password in the provided field to confirm it.
  5. Check the box next to the statement "By continuing, you agree to our…".
  6. Tap the "Sign up" button to complete the registration.

Connecting to a VPN server for the first time, you will be requested to allow adding VPN configurations and downloading a VPN profile.  For more details, please refer to the manuals provided above on how to install VPN Unlimited on different platforms.

 

Important! Please note that you will need to configure your device using the generated settings by yourself at your own risk.

I. Create VPN Configuration for WireGuard

 

Before you can set up WireGuard® on your MikroTik router, you need to generate VPN configuration in your KeepSolid User Office.

To do that, follow a few simple steps described in the tutorial How to manually create VPN configurations.

II. Accessing MikroTik Web Console or WinBox:

 

  1. Web Console: Open a web browser and enter 192.168.88.1 in the address bar. Log in with your router's username and password.
  2. WinBox: Download and open the WinBox tool from the MikroTik website. Connect using your router's IP, username, and password.

 

III. Prepare WireGuard Configuration:

 

  1. Open the .conf file provided by VPN Unlimited with a text editor (like Notepad or TextEdit). Keep it open for reference as you'll need to copy values from this file.

 

IV. Create WireGuard Interface:

 

  1. In the router's menu, navigate to WireGuard > WireGuard and click on “Add New”.
wireguard-vpn-configuration-for-mikrotik-router

2. Set the Name as VPN-Unlimited.

3. For Private Key, copy and paste the key from the Interface section of your .conf file.

 

wireguard-vpn-configuration-for-mikrotik-router

V. Configure IP Address:

 

  1. Go to IP > Address.
  2. Click “Add New” and enter the IP address and network. Use the address from the .conf file's Interface section. For the network, modify the last octet of your IP address to zero, making it X.X.X.0.
wireguard-vpn-configuration-for-mikrotik-router

VI. Add WireGuard Peer:

 

  1. Click the WireGuard > Peers tab. Click "Add New", add the parameters from the .conf file and click Apply > OK.
wireguard-vpn-configuration-for-mikrotik-router

VII. Configure Routes for WireGuard Endpoint:

 

  1. Go to IP > Routes and click “Add New”.
  2. For Dst. Address, use the Endpoint address from your .conf file, adding a /32 mask.
  3. Set Gateway to your default gateway, which you can find under IP > DHCP Client.
  4. Add a comment like wgserver and mark the route as NOT Enabled.
wireguard-vpn-configuration-for-mikrotik-router

VIII. Configure Default Route for VPN Traffic:

 

  1. Again in IP > Routes, click “Add New”.
  2. Set Dst. Address to 0.0.0.0/0 and Gateway to %VPN-Unlimited.
  3. Mark this route as Enabled

Note: Your internet might stop working at this point until the VPN is fully configured.

wireguard-vpn-configuration-for-mikrotik-router

IX. Configure a DHCP Client for WireGuard:

 

  1. Navigate to IP > DHCP Client.
  2. Edit your DHCP client configuration to include the provided script in the settings.

Script:

:local route [/ip route find comment="wgserver"]

:if ($bound=1) do={

/ip route set $route gateway=$"gateway-address" disabled=no

} else={

/ip route set $route disabled=yes

}

 

3. This script helps manage the VPN connection's route based on its status.

wireguard-vpn-configuration-for-mikrotik-router

X. Create Interface List for VPN:

 

  1. Go to Interfaces > Interface List and click “Add New”.
  2. Select list as WAN and Interface as VPN-Unlimited.
wireguard-vpn-configuration-for-mikrotik-router

XI. Set Up DNS:

 

  1. Navigate to IP > DNS.
  2. Enter the DNS servers provided in your .conf file's Interface section.
  3. Check “Allow Remote Requests” to enable DNS resolution through the VPN.
wireguard-vpn-configuration-for-mikrotik-router

That's it! You've successfully configured WireGuard VPN on your MikroTik router. Now, you can enjoy the benefits of the VPN Unlimited service along with the speed and security of the WireGuard protocol.

If you need any assistance, please feel free to contact our customer support via [email protected].

Try VPN Unlimited right now!

Streamline your web experience, protect your sensitive data, and defend against online threats and hackers.