 
bvyvetal
just joined
Topic Author
Posts: 1
Joined: Wed Feb 22, 2017 9:53 am

Problem with access (sometimes no ping) from mikrotik to LAN

Wed Feb 22, 2017 10:28 am

Hi.
I have Mikrotik RB750 GL.
Port 1 - DHCP internet
Port 2-5 connected to bridge.
port 2- free
port 3 - connect Wi-Fi router
port 4 - computer
port 5 - printer

Mikrotik has VPN L2tp/Ipsec server.

Sometimes I can't ping the computer or the printer connected to the Mikrotik, either from the Mikrotik itself or from VPN clients.
Where could the problem be?

# feb/22/2017 09:14:42 by RouterOS 5.26
# software id = VMTC-DA0L
#
# NOTE(review): the export header reports RouterOS 5.26. Confirm whether this
# release still receives fixes before leaving any service reachable from the WAN.
/interface bridge
# LAN bridge. arp=proxy-arp makes the router answer ARP requests on behalf of
# other hosts; here the VPN pool (10.2.2.150-155) sits inside the LAN /24,
# which is presumably why it is enabled - confirm.
add arp=proxy-arp l2mtu=1598 name=bridge1
/interface ethernet
# ether1 is the WAN uplink; ether2-ether5 are the LAN ports.
# "master"/"slave" are only names here: no master-port= setting appears in this
# export, so the LAN ports are joined by the bridge, not by the switch chip.
set 0 comment=ISP name=ether1-gateway
set 1 comment=PC name=ether2-master-local speed=1Gbps
set 2 comment="wi-fi 2" name=ether3-slave-local
set 3 comment=pc name=ether4-slave-local
set 4 comment="samsung 9" name=ether5-slave-local
/ip hotspot user profile
# Default hotspot user profile: no idle timeout, 2-minute keepalive.
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m
/ip ipsec proposal
# NOTE(review): pfs-group=none turns off perfect forward secrecy for the
# default phase-2 proposal. Often set for built-in L2TP/IPsec clients;
# confirm it is actually required.
set [ find default=yes ] pfs-group=none
/ip pool
# Both pools are carved out of 10.2.2.0/24: one for LAN DHCP leases, one for
# VPN clients, so VPN clients share the LAN subnet.
add name=VPC-DHCP-Pool ranges=10.2.2.20-10.2.2.100
add name=vpn-pool ranges=10.2.2.150-10.2.2.155
/ip dhcp-server
# DHCP server for the LAN, bound to the bridge.
add address-pool=VPC-DHCP-Pool disabled=no interface=bridge1 name=default
/ppp profile
# Profile handed to L2TP users: router end 10.2.2.1, client address from
# vpn-pool, DNS 8.8.8.8, session cut after 2 hours.
# NOTE(review): session-timeout=2h ends every VPN session after two hours;
# check whether the intermittent loss seen from VPN clients lines up with it.
add bridge=bridge1 dns-server=8.8.8.8 local-address=10.2.2.1 name=l2tpipsec \
remote-address=vpn-pool session-timeout=2h
/system logging action
# Disk log action: up to 200 files of 10000 lines each.
# NOTE(review): disk-stop-on-full=yes stops disk logging once that limit is
# reached, so later events (including the "account" topic) would not be kept
# on disk. Consider forwarding logs to a remote collector.
set 1 disk-file-count=200 disk-lines-per-file=10000 disk-stop-on-full=yes
/interface bridge port
# All four LAN ports are members of bridge1.
add bridge=bridge1 interface=ether2-master-local
add bridge=bridge1 interface=ether3-slave-local
add bridge=bridge1 interface=ether4-slave-local
add bridge=bridge1 interface=ether5-slave-local
/interface l2tp-server server
# L2TP server enabled with the l2tpipsec profile as default.
# NOTE(review): nothing visible in this section ties L2TP to IPsec; whether
# a plain L2TP session is refused depends on the firewall and IPsec policy.
# Current RouterOS releases have a use-ipsec setting on the L2TP server -
# check what this release offers.
set default-profile=l2tpipsec enabled=yes keepalive-timeout=180
/ip address
# Router LAN address, on the bridge.
add address=10.2.2.1/24 comment="default configuration" interface=bridge1
/ip dhcp-client
# WAN address, default route and DNS are learned from the ISP via DHCP.
add comment="Orange Fibernet DHCP" default-route-distance=0 disabled=no \
interface=ether1-gateway
/ip dhcp-server network
# LAN clients are told to use the router as gateway and DNS server.
add address=10.2.2.0/24 comment="default configuration" dns-server=10.2.2.1 \
gateway=10.2.2.1 netmask=24
/ip dns
# allow-remote-requests=yes makes the router a DNS resolver for anyone who
# can reach it. Only the input-chain drop rule on ether1-gateway keeps it
# from answering the Internet; keep that rule in place.
set allow-remote-requests=yes servers=8.8.8.8
/ip dns static
/ip firewall filter
# Input chain: traffic addressed to the router itself. Rules are evaluated
# top to bottom; a rule without action= uses the default action, accept.
add chain=input comment="default configuration" protocol=icmp
add chain=input comment="default configuration" connection-state=established
add chain=input comment="default configuration" connection-state=related
# IPsec ESP for the L2TP/IPsec server; no in-interface or src-address limit.
add chain=input protocol=ipsec-esp
# NOTE(review): L2TP uses UDP 1701; 1700 does not look required - confirm
# and remove it. The rule also accepts L2TP that did not arrive inside
# IPsec, so an unencrypted L2TP session appears possible from the WAN.
add chain=input dst-port=1700,1701 protocol=udp
# NOTE(review): Winbox management (TCP 8291) is accepted from the whole
# Internet on the WAN port, with no src-address restriction. Restrict it to
# known source addresses or reach it only through the VPN.
add chain=input dst-port=8291 in-interface=ether1-gateway protocol=tcp
# IKE NAT-T (4500) and IKE (500) for IPsec.
add chain=input dst-port=4500 protocol=udp
add chain=input dst-port=500 protocol=udp
# Everything else arriving on the WAN port is dropped. This rule is the only
# thing keeping www, www-ssl, the web proxy and the DNS resolver off the
# Internet.
add action=drop chain=input comment="default configuration" in-interface=\
ether1-gateway
# Forward chain: traffic routed through the router.
# NOTE(review): there are only accept rules and no final drop, so anything
# not matched is still forwarded; the invalid-state drop below is disabled.
add chain=forward protocol=icmp
add chain=forward connection-state=established
add chain=forward connection-state=related
add action=drop chain=forward comment="default configuration" connection-state=\
invalid disabled=yes
/ip firewall nat
# Source-NAT LAN (and VPN, same /24) traffic leaving through the WAN port.
add action=masquerade chain=srcnat comment="default configuration" \
out-interface=ether1-gateway src-address=10.2.2.0/24 to-addresses=0.0.0.0
/ip ipsec peer
# One peer entry with no address= shown, so it presumably matches any remote
# address; policies are generated on demand for L2TP clients.
# NOTE(review): a single pre-shared secret is shared by every VPN user, and
# hash-algorithm=sha1 is dated. enc-algorithm and dh-group are not shown, so
# this release's defaults apply - verify what they are.
# The secret was masked before posting; keep it that way in any export.
add exchange-mode=main-l2tp generate-policy=yes hash-algorithm=sha1 \
nat-traversal=yes secret=*******
/ip neighbor discovery
# Neighbor discovery is switched off on the WAN port.
set ether1-gateway disabled=yes
/ip proxy
# NOTE(review): the web proxy is enabled on TCP 3128 and no /ip proxy access
# rules appear in this export. It is reachable from the LAN and VPN, and only
# the input-chain drop rule keeps it off the WAN. Disable it if unused.
set enabled=yes port=3128
/ip service
# telnet, ftp and ssh are disabled; www (HTTP) and www-ssl are enabled for any
# source address.
# NOTE(review): www is unencrypted management. The winbox service is not
# listed, so it presumably runs with default settings and no address=
# restriction, while the firewall accepts TCP 8291 from the WAN. Set address=
# to trusted ranges on every enabled service.
set telnet disabled=yes
set ftp disabled=yes
set www address=0.0.0.0/0
set ssh disabled=yes
set www-ssl address=0.0.0.0/0 disabled=no
/ip smb
# SMB settings: guests refused, bound to ether2-master-local. No enabled=
# value is shown - presumably the service is off; confirm.
set allow-guests=no domain=VPC interfaces=ether2-master-local
/ip smb users
/ppp secret
# Six L2TP accounts using the l2tpipsec profile; names and passwords were
# masked by the poster.
add name=*** password=*** profile=l2tpipsec service=l2tp
add name=*** password=*** profile=l2tpipsec service=l2tp
add name=*** password=*** profile=l2tpipsec service=l2tp
add name=*** password=*** profile=l2tpipsec service=l2tp
add name=*** password=*** profile=l2tpipsec service=l2tp
add name=*** password=*** profile=l2tpipsec service=l2tp
/system clock
set time-zone-name=Europe/Bratislava
/system logging
# l2tp and ipsec topics go to the console (echo); account, info, warning and
# error go to disk.
# NOTE(review): the VPN topics are not written to disk, so nothing persistent
# records l2tp/ipsec detail for later review of the connectivity drops or of
# login attempts.
add action=echo topics=l2tp
add action=echo topics=ipsec
add action=disk topics=account
add action=disk topics=info
add action=disk topics=warning
add action=disk topics=error
/system ntp client
# Time is taken from two fixed public IP addresses; accurate time matters for
# log correlation.
set enabled=yes mode=unicast primary-ntp=91.229.24.6 secondary-ntp=65.55.56.206
/tool mac-server
# MAC-Telnet is enabled on the four LAN ports.
# NOTE(review): MAC-layer management is reachable by any device on those
# segments, including whatever sits behind the Wi-Fi router on ether3. Limit
# it to the port(s) actually used for administration.
add disabled=no interface=ether2-master-local
add disabled=no interface=ether3-slave-local
add disabled=no interface=ether4-slave-local
add disabled=no interface=ether5-slave-local
/tool mac-server mac-winbox
# The default entry is disabled and MAC-Winbox is added per LAN port instead.
# The last line is cut off in the post as published.
set [ find default=yes ] disabled=yes
add interface=ether2-master-local
add interface=ether3-slave-local
add interface=ether4-slave-local
add interface=ether5-slave-loc
