Community discussions

MikroTik App
  4. RouterOS
  5. General

PPTP tunnels not passing traffic

Post Reply
 
JacobRush
just joined
Topic Author
Posts: 6
Joined: Wed Mar 16, 2011 11:20 pm

PPTP tunnels not passing traffic

Tue Apr 26, 2011 10:53 pm

I'm sure I'm missing something simple here.

I have a super simple setup I'm trying to get working but every time I setup a tunnel it stops passing traffic. I just factory reset them and there running 4.17.

I just factory reset them to see if there was some old config that was messing me up but no.. I'm able to pass traffic in the clear using static routes. But as soon as the pptp connection comes up it stops passing traffic.

Trying to do a site to site PPTP vpn:
192.168.4.207/24 - 450G(server) - 192.168.254.24/24 - Ethernet cable - 192.168.254.21 - 450G(client) - 192.168.0.216/24

Server config:
Code: Select all
[admin@Server] > ip address export
# jan/02/1970 00:24:53 by RouterOS 4.17
#
/ip address
add address=192.168.254.24/24 broadcast=192.168.254.255 comment="" disabled=\
    no interface=ether1 network=192.168.254.0
add address=192.168.4.207/24 broadcast=192.168.4.255 comment="" disabled=no \
    interface=ether2 network=192.168.4.0

[admin@Server] > interface pptp-server export
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption \
    enabled=yes keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled

/ppp secret
add caller-id="" comment="" disabled=no limit-bytes-in=0 limit-bytes-out=0 \
    local-address=192.168.254.24 name=client password=secret profile=\
    default-encryption remote-address=192.168.254.21 routes="" service=any

/ip route
add comment="" disabled=no distance=1 dst-address=192.168.0.0/24 gateway=\
    192.168.254.21 scope=30 target-scope=10

[admin@Server] > ip route print
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  192.168.0.0/24                     192.168.254.21     1       
 1 ADC  192.168.4.0/24     192.168.4.207   ether2             0       
 2 ADC  192.168.254.0/24   192.168.254.24  ether1             0       
 3 ADC  192.168.254.21/32  192.168.254.24  <pptp-client>      0
Client config:
Code: Select all
[admin@Client] > interface pptp-client export
# jan/02/1970 00:36:46 by RouterOS 4.17
#
/interface pptp-client
add add-default-route=no allow=pap,chap,mschap1,mschap2 comment="" \
    connect-to=192.168.254.24 dial-on-demand=no disabled=no max-mru=1460 \
    max-mtu=1460 mrru=disabled name=pptp-out1 password=secret profile=\
    default-encryption user=client

/ip route
add comment="" disabled=no distance=1 dst-address=192.168.4.0/24 gateway=\
    192.168.254.24 scope=30 target-scope=10

[admin@Client] > ip route print
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 1 ADC  192.168.0.0/24     192.168.0.216   ether2             0       
 2 A S  192.168.4.0/24                     192.168.254.24     1       
 3 ADC  192.168.254.0/24   192.168.254.21  ether1             0       
 4 ADC  192.168.254.24/32  192.168.254.21  pptp-out1          0
So its able to route traffic in the clear if I disable the pptp connection on the client. But as soon as I re-enable the pptp connection it comes up all traffic stops.

What super-obvious thing thats not mentioned in the wiki article about how to do this am i missing..
Top
 
JacobRush
just joined
Topic Author
Posts: 6
Joined: Wed Mar 16, 2011 11:20 pm

Re: PPTP tunnels not passing traffic

Thu Apr 28, 2011 11:14 pm

Nothing obvious?

I've tried this setup on 5.0rc11 and 5.1

I've also tried sstp with the same results.

I'm wondering if its something to do with the public interfaces being in the same subnet? Like a routing bug or something? Thats the next thing I'm going to try.

-Jacob
Top
 
gregsowell
Member Candidate
Member Candidate
Posts: 128
Joined: Tue Aug 28, 2007 1:24 am
Contact:
Contact gregsowell

Re: PPTP tunnels not passing traffic

Fri Apr 29, 2011 5:59 am

Try setting IP addresses on your pptp interfaces to something different, then set the static route gateway to the far side pptp address.

Should be able to use something like 172.16.0.1 and 172.16.0.2. A /30 subnet should be just fine :)
Top
 
JacobRush
just joined
Topic Author
Posts: 6
Joined: Wed Mar 16, 2011 11:20 pm

Re: PPTP tunnels not passing traffic

Fri Apr 29, 2011 9:17 pm

Ah! I have not had a chance to test but i'm certain thats exactly what the problem is.

I was confused about
ppp secret local-address and remote-address
I was thinking it was supposed to be identification of the remote and local ip addresses but it actually DEFINES what the tunnel addresses are. Which explains my strange routing issues.

I'm sure this was the same issue with sstp as I made the same error in that test config.

Now to do some performance testing of pptp VS sstp!

-Jacob
Top
Post Reply

Who is online

Users browsing this forum: m4rk3J and 53 guests
  4. RouterOS
  5. General