
Beginner Basics • Re: 2WAN as Failover and Setup Wireguard KEY as Client

I am sharing my final setup before making it stable (I hope, at least). The main issue came from the Lancom; then DNS had issues. During setup, as a friend advised, I removed the DNS setting from the DHCP server and left it only on the ip/DNS side. The config is below, but it still has minor instabilities: sometimes I cannot send a picture or even a message via WhatsApp, cannot upload images to my NAS server, and so on. Some websites would not even load, so I lowered the MSS to 1372, but still nothing changed. I am left without any clue about what I can do or which part I should adjust.
On Ubiquiti everything works perfectly with 1412 MTU and 1372 MSS, with the same tunnel but a different VPN key. I also tried the key on Windows and everything works perfectly.
# 2024-04-02 23:02:52 by RouterOS 7.14.2
# software id = M8KE-V5ID
#
# model = RB750Gr3
# serial number = HD2*****AS
# Overview: dual-WAN router (WAN1 primary, WAN2 backup) that policy-routes the
# 192.168.13.0/24 LAN through a WireGuard client tunnel (wireguard1).
# LAN bridge; ether3 and ether4 are added to it further down.
/interface bridge
add name=Bridge-LAN
# ether1/ether2 are renamed to the two uplinks.
/interface ethernet
set [ find default-name=ether1 ] name=WAN1
set [ find default-name=ether2 ] name=WAN2
# NOTE(review): tunnel MTU is 1420 here, while the post reports the same tunnel
# working on another device at MTU 1412 - worth testing the lower value.
/interface wireguard
add listen-port=13231 mtu=1420 name=wireguard1
# Only a WAN list is defined; it is used by the srcnat masquerade rule below.
/interface list
add name=WAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
# Address pools for the two DHCP servers (Bridge-LAN and ether5).
/ip pool
add name=dhcp_pool0 ranges=192.168.13.100-192.168.13.254
add name=dhcp_pool1 ranges=192.168.14.200-192.168.14.205
/ip dhcp-server
add address-pool=dhcp_pool0 interface=Bridge-LAN lease-time=1d name=dhcp1
add address-pool=dhcp_pool1 interface=ether5 lease-time=6d name=dhcp2
# Separate routing table that holds only the default route via the tunnel.
/routing table
add disabled=no fib name=via-WG1
/interface bridge port
add bridge=Bridge-LAN interface=ether3
add bridge=Bridge-LAN interface=ether4
/interface list member
add interface=WAN1 list=WAN
add interface=WAN2 list=WAN
# Single peer with allowed-address=0.0.0.0/0, i.e. any IPv4 destination may be
# sent to it. Endpoint address and public key were partly masked by the poster.
/interface wireguard peers
add allowed-address=0.0.0.0/0 endpoint-address=5.172.1*.95 endpoint-port=\
13231 interface=wireguard1 persistent-keepalive=25s public-key=\
"ySD/xFuTQ0+********************S4xyT6wE="
# WAN1/WAN2 use static private addresses (192.168.1.99, 192.168.2.98), so both
# uplinks appear to sit behind upstream routers.
# NOTE(review): the wireguard1 line carries the poster's own parenthetical and
# is not valid RouterOS syntax as pasted; network=192.168.32.0 does not match a
# /32 on 192.168.32.50 - confirm which prefix is actually in effect.
/ip address
add address=192.168.13.1/24 interface=Bridge-LAN network=192.168.13.0
add address=192.168.1.99/24 interface=WAN1 network=192.168.1.0
add address=192.168.2.98/24 interface=WAN2 network=192.168.2.0
add address=192.168.32.50(here i put /32 but it vanishes) interface=wireguard1 network=192.168.32.0
add address=192.168.14.1/24 interface=ether5 network=192.168.14.0
# Both DHCP clients are disabled; the WAN addresses above are static.
/ip dhcp-client
add disabled=yes interface=WAN1
add disabled=yes interface=WAN2
# The 192.168.13.0/24 network still hands out the router (192.168.13.1) as DNS
# server; the 192.168.14.0/24 network hands out no DNS server at all.
/ip dhcp-server network
add address=192.168.13.0/24 dns-server=192.168.13.1 gateway=192.168.13.1
add address=192.168.14.0/24 gateway=192.168.14.1
# allow-remote-requests=yes makes the router answer DNS queries from clients.
# NOTE(review): no /ip firewall filter section appears in this export, so
# nothing visible limits which interfaces may query the resolver - confirm that
# input rules exist and restrict port 53 to the LAN side.
# NOTE(review): presumably the router's own lookups to 1.1.1.1 follow the main
# table and leave via WAN rather than the tunnel - verify if DNS for LAN
# clients is expected to stay inside the VPN.
/ip dns
set allow-remote-requests=yes servers=1.1.1.1,192.168.32.1

# The only MSS rule is disabled=yes, so no clamping is applied to TCP SYNs
# forwarded out wireguard1. The post mentions lowering MSS to 1372, but no
# rule with that value is present in this export.
# NOTE(review): stalled uploads and partly loading sites are consistent with
# oversized TCP segments in the tunnel - enable this rule and re-test.
/ip firewall mangle
add action=change-mss chain=forward disabled=yes new-mss=clamp-to-pmtu \
out-interface=wireguard1 passthrough=yes protocol=tcp tcp-flags=syn
# Source NAT on both uplinks (via the WAN list) and on the tunnel.
# NOTE(review): NAT and mangle are the only firewall sections shown; without
# input/forward filter rules the router's services would be reachable from
# WAN1, WAN2 and wireguard1 - confirm whether filter rules were left out of
# the paste.
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
add action=masquerade chain=srcnat out-interface=wireguard1
# main table: default via 192.168.1.1 (distance 1) with backup via 192.168.2.1
# (distance 5). check-gateway=ping probes the gateway address 192.168.1.1
# itself, so a failure beyond that router is not detected by this route; the
# backup route has no check-gateway at all.
# via-WG1 table: a single default route through wireguard1.
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
192.168.1.1 pref-src="" routing-table=main scope=30 suppress-hw-offload=\
no target-scope=10
add disabled=no distance=5 dst-address=0.0.0.0/0 gateway=192.168.2.1 \
pref-src="" routing-table=main scope=30 suppress-hw-offload=no \
target-scope=10
add disabled=no dst-address=0.0.0.0/0 gateway=wireguard1 routing-table=\
via-WG1 suppress-hw-offload=no
# The first rule is disabled; the active rule sends every lookup with a source
# in 192.168.13.0/24 to table via-WG1.
# NOTE(review): via-WG1 holds only a default route, so traffic sourced from
# 192.168.13.0/24 towards local subnets (e.g. 192.168.14.0/24) presumably also
# goes into the tunnel - verify, and consider an earlier rule that keeps local
# destinations in main.
# NOTE(review): action=lookup continues into main when via-WG1 yields no
# active route, so LAN traffic could then leave via WAN1/WAN2 outside the
# tunnel; lookup-only-in-table avoids that fallback if the VPN must not be
# bypassed.
/routing rule
add action=lookup-only-in-table disabled=yes src-address=192.168.13.0/24 \
table=main
add action=lookup disabled=no src-address=192.168.13.0/24 table=via-WG1
/system clock
set time-zone-name=Europe/Athens
/system note
set show-at-login=no

Statistics: Posted by LeoNaXe — Wed Apr 03, 2024 4:25 pm


