WireGuard on MikroTik

WireGuard on MikroTik

The article describes the self setup of VPN on WireGuard on MikroTik devices with version RouterOS 7 and higher. (Not available in lower RouterOS versions, you must upgrade RouterOS). This phenomenal VPN is very fast, secure and easily configurable in a home environment.

If you are a home user and thinking about how to access your home network from the internet, WireGuard is currently one of the easiest choices. It is ideal for secure access to your home NAS or smart home when you are not at home.

What do we need?


Any MikroTik router (Router OS 7 version, if you have an older one, upgrade the firmware)

Any Android, iOS phone

Any PC, Laptop with any OS


WireGuard VPN

Internet connection and public IPv4 address (if you don't have it, ask your internet provider)

Log in to your MikroTik router. We recommend not using the web interface and using WinBox. However, the procedure is identical. Go to the WireGuard tab and the + icon to add a new WireGuard connection. Name the setting, e.g. wireguard and copy the Public Key somewhere:

Mikrotik WireGuard vytvoření

Next, we must add a new address for the WireGuard interface in the IP → Addresses by clicking on the + icon. We will choose a unique range and start with a one, for example:

MIkroTik WireGuard Address

In the final step, we will add the other side, called "Peer". Switch to the Peers tab. Here, you need to know the Public Key of the client device (for example, phone, computer, tablet - look in your client's app, see instructions in the left menu). Copy the Public Key and assign it an address allowed for the WireGuard network, which should have a unique range:

MikroTik WireGuard Add Peer

If you have a default firewall in your MikroTik, you need to allow the UDP port for WireGuard. In our case, the port is 33333. Go to

IP → Firewall and add a new rule again using the + icon, see the example below:

MikroTik WireGuard Firewall

That's it!

Now set up the client according to the type of phone or computer. See instructions in the left menu

PS: Part of the household may have their MikroTik router behind another router provided by the internet provider. In this case, it is necessary to forward the "Port Forward" from the external provider router to your MikroTik. This setting depends on the type of router and if you don't know how to do, asks your internet provider technical support for help. You need to redirect the selected UDP port (in our case 33333) on the MikroTik internal router to same port 33333.

Rate the article:

Average: 4 (1 vote)

Support Us:

Add comment:

Add comment

Newest articles in blog

MikroTik - Winbox, DHCP, Ranges
Basics - Winbox, DHCPRating: 

In this series, we will look at the step-by-step setup of MikroTik devices for home users or a small business (up to 25 people). In the first article, we will focus on the initial setup - we will download Winbox and set up DHCP for the primary network and guest network. Similarly, we will also adjust the WiFi settings.

Alarm Smart Home PIR
Alarm from existing PIR sensors in a smart home.Rating: 

In a your smart home, PIR sensors may not only be used to switch lights on and off based on motion, it is possible to utilize these sensors to detect the presence of motion in a particular room. This information can be used to create a relatively reliable uncertified home security system. In this guide, you will find the logic for how this can work in the OpenHAB software in our model smart home.

NFC Tag Example in Smart Home
NFC tags in smart homeRating: 

NFC (Near Field Communication) tags are small plastic or paper stickers that can be used to automate various functions in the smart home. In this article, we will show you examples of use and a guide on how to write an action on an NFC tag using a mobile phone.

WireGuard iOS
WireGuard on iOS devicesRating: 

In this article, you will find a detailed guide on how to connect to WireGuard VPN from iOS.

WireGuard on Android device
WireGuard on Android devicesRating: 

In this article, you will find a detailed guide on how to connect to WireGuard VPN from Android.

WireGuard on MikroTikRating: 

This article describes the self setup of the WireGuard VPN protocol on MikroTik devices with RouterOS version 7 and higher. This phenomenal VPN is very fast, secure, and easily configurable in a home environment. It can be said that it is currently the best VPN for home use available.

Nilan VP18 vs OpenHABRating: 

We provide tutorial for the connection of the active Nilan recuperation unit, in our case the VP18 K WT type with OpenHAB 3. By communicating via Modbus it is possible to read the whole range of values, but mainly also to control the unit through OpenHAB. This allows us to remotely or programmatically change the performance and ventilation settings depending on the mode (night, cooking, etc.)

PiHome - Chytry dum mereni spotreby elektriny
Energy meter in smart homeRating: 

We are providing a simple step-by-step tutorial how to install home energy meter. We did not find any MQTT device, so we buy Aeotec Home Energy Meter as we are already have a Z-Wave controlller in our smart home.

Centrální tablet pro chytrý dům
Wall tablet to controll your smart homeRating: 

Wall tablet or older smartphone is perfectly suited as a central indicator of the state of the home, as well as controlling it. It usually replaces the video doorbell and as example, you can play your favorite music or read recipes on it during cooking in your kitchen. In the article, we describe a functional example of such a "wall" tablet and its settings in so-called kiosk mode so, display doesn't run at night and only reacts when someone is nearby.

Jablotron and smarthome synchronization
Connecting Jablotron with OpenHABRating: 

In this article we will show you how to install Jablotron binding in OpenHAB. This binding helps us to synchronize states from Jablotron alarm to OpenHAB. Typically, you can force to switch off lights, close water pipe and circulation, switch off sockets or whatever you want to do when you leave home and set alarm.