Neste vídeo, apresento um guia sobre como configurar uma VPN entre matriz e filial usando WireGuard no Mikrotik. Você aprenderá a garantir uma conexão segura e estável entre suas redes corporativas, facilitando o acesso remoto e a integração entre diferentes unidades da empresa.
MK-MATRIZ
/interface wireguard
add listen-port=13231 mtu=1420 name=wg-para-filial
/interface wireguard peers
add allowed-address=0.0.0.0/0 endpoint-address=186.201.74.2 endpoint-port=13231 \
interface=wg-para-filial persistent-keepalive=30s public-key=\
"ucB8ctJFkNcHSoPVvre0nikAu9TG8kaWn0yz67Xf624="
/ip address
add address=210.125.45.2/30 interface=ether1 network=210.125.45.0
add address=192.168.100.1/24 interface=ether2 network=192.168.100.0
add address=10.10.10.1/30 interface=wg-para-filial network=10.10.10.0
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=210.125.45.1 routing-table=main \
suppress-hw-offload=no
add disabled=no dst-address=192.168.200.0/24 gateway=10.10.10.2 routing-table=\
main suppress-hw-offload=no
/system identity
set name=mk-matriz
MK-FILIAL
/interface wireguard
add listen-port=13231 mtu=1420 name=wg-para-matriz
/interface wireguard peers
add allowed-address=0.0.0.0/0 endpoint-address=210.125.45.2 endpoint-port=13231 interface=wg-para-matriz persistent-keepalive=30s public-key="sduFBq76rCiAzgMUDvITQ1agOE4xJEZvrj2osJrkZxM="
/ip address
add address=186.201.74.2/30 interface=ether1 network=186.201.74.0
add address=192.168.200.1/24 interface=ether2 network=192.168.200.0
add address=10.10.10.2/30 interface=wg-para-matriz network=10.10.10.0
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=186.201.74.1 routing-table=main suppress-hw-offload=no
add disabled=no dst-address=192.168.100.0/24 gateway=10.10.10.1 routing-table=main suppress-hw-offload=no
/system identity
set name=mk-filial
