Community discussions

MikroTik App
 
ahmet82
newbie
Topic Author
Posts: 47
Joined: Thu Aug 20, 2020 12:26 am

Wireguard with wan backup

Tue Nov 15, 2022 2:57 am

Hello,

I followed the instructions on this forum, and I am routing all of the traffic via wireguard. Nothing interesting here. However, I noticed that, if I disconnect wireguard, the route stays active, and the servers are unable to reach the internet. If I enable gateway=ping, the route doesn't work all together. How can I create a backup route in case wireguard link is down.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 14485
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Wireguard with wan backup

Tue Nov 15, 2022 4:53 am

Yes.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 14485
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Wireguard with wan backup

Tue Nov 15, 2022 4:54 am

 
sindy
Forum Guru
Forum Guru
Posts: 9903
Joined: Mon Dec 04, 2017 9:19 pm

Re: Wireguard with wan backup  [SOLVED]

Tue Nov 15, 2022 12:41 pm

Since in a generic case, there may be multiple peers associated to a single Wireguard interface, it doesn't seem a good idea to change the interface state to inactive when a single peer goes down (even though in your case this single peer is the only one associated to that interface).

Hence if you need to deactivate the route via that peer if connection to that peer is down (and bear in mind that many people want the opposite, i.e. that traffic that should go via VPN doesn't leak in plaintext if the VPN doesn't work), you need to check the transparency of the tunnel using the same means like in case of WAN failover - using /tool netwatch, a combination of /system scheduler and /system script, or recursive routing.

Who is online

Users browsing this forum: broderick, e3acf43dcd074d7884d and 23 guests