Community discussions

MUM Europe 2020

Search found 22 matches

by rules
Sat Oct 05, 2019 8:14 pm
Forum: General
Topic: L2TP/IPSec - Works from Android and Mikrotik but not Windows?
Replies: 3
Views: 1411

L2TP/IPSec - Works from Android and Mikrotik but not Windows?

Hi All As per the subject, I have a site with a Mikrotik router and I want to create a VPN connection to it for a client. The Mikrotik is a secondary router and sits behind the client's ISP router and I have all the necessary ports forwarded to it (500, 1701 & 4500). I can connect to it from another...
by rules
Mon Sep 16, 2019 11:09 am
Forum: General
Topic: L2TP/IPSec VLAN no HTTP (port 80) [SOLVED]
Replies: 2
Views: 508

Re: L2TP/IPSec VLAN no HTTP (port 80) [SOLVED]

Awesome, thanks nostromog, had to lower the MTU to 1350 ๐Ÿ˜‰๐Ÿ‘
by rules
Sat Sep 14, 2019 9:16 am
Forum: General
Topic: L2TP/IPSec connects but instantly disconnects
Replies: 1
Views: 428

Re: L2TP/IPSec connects but instantly disconnects

It seems to be something specific to my Windows 10 machine. Tried the exact same config on my Windows 10 laptop and it connects without an issue. I've tried the "Network Reset" (in Windows 10) but it still does the same. I suppose a reinstall is now my only hope.
by rules
Fri Sep 13, 2019 7:02 pm
Forum: General
Topic: L2TP/IPSec VLAN no HTTP (port 80) [SOLVED]
Replies: 2
Views: 508

L2TP/IPSec VLAN no HTTP (port 80) [SOLVED]

Hi All Yet another L2TP snag on my list ๐Ÿ˜… On one of our Mikrotik routers I have 4 incoming L2TP/IPSec connections and although at first glance all looks good (I can ping all devices) I can't seem to HTTP into any devices on 2 of those connections. If I VPN from my PC to one of those 2 Routers I have...
by rules
Fri Sep 13, 2019 6:55 pm
Forum: General
Topic: L2TP/IPSec connects but instantly disconnects
Replies: 1
Views: 428

L2TP/IPSec connects but instantly disconnects

Hi All As per the subject line, I've set up a VPN link from my Windows 10 PC to a Mikrotik router (via WAN of course). As I have enabled L2TP and IPSec logging I can monitor the connection and from what I can tell it goes through the whole initiation and establishes a connection only to instantly di...
by rules
Tue Aug 13, 2019 1:51 pm
Forum: General
Topic: Internet access without 0.0.0.0/0
Replies: 7
Views: 1193

Re: Internet access without 0.0.0.0/0

Hi sindy

Seems I have reached the stage where I know just enough to get me into trouble :lol: so my apologies if I'm mixing and matching and making things confusing.

I made a rough drawing indicating the current scenario so hope that sheds some light ...

https://imgur.com/QkgkBlf

Thanks,
R
by rules
Sat Aug 10, 2019 6:01 pm
Forum: General
Topic: Internet access without 0.0.0.0/0
Replies: 7
Views: 1193

Re: Internet access without 0.0.0.0/0

Messy ... yeah I really need to do my MTCRE already :lol: On the onsite router I have an L2 connection from the bridge to a Mikrotik router at our office as well as a L2 server for the client to connect directly. The PPPoE is for once there is no direct internet access from inside the network. The P...
by rules
Fri Aug 09, 2019 5:58 pm
Forum: General
Topic: Internet access without 0.0.0.0/0
Replies: 7
Views: 1193

Re: Internet access without 0.0.0.0/0

Hi Sindy Your assumption is correct. On my internal network I would like for only the router to have internet access and I have also configured a PPPoE server for when I do need temp access from inside (at this points it places the PPPoE connection on the bridge, but this will obviously have to chan...
by rules
Thu Aug 08, 2019 9:49 pm
Forum: General
Topic: Internet access without 0.0.0.0/0
Replies: 7
Views: 1193

Internet access without 0.0.0.0/0

Hi All Is there a way to give the router internet access (PPPoE or simply DHCP) without having the dynamic route 0.0.0.0/0? Maybe my example will shed some more light ... I have an isolated network at a client, which I want to expose to the internet to establish a VPN connection with. Ether 1 on my ...
by rules
Thu Jul 18, 2019 10:41 am
Forum: General
Topic: NTP Server ... which interface?
Replies: 2
Views: 369

NTP Server ... which interface?

Hi All I want to implement a local NTP server on a Mikrotik router. The config is pretty straight forward for simple sites and I can get it to work but here is my complication. On one site, running a Cloud router, there are multiple bridges with differing IP ranges. So when setting up an NTP server,...
by rules
Wed Jul 17, 2019 11:11 pm
Forum: General
Topic: Block all, allow some Firewall
Replies: 3
Views: 393

Re: Block all, allow some Firewall

It is literally just the rules. Check the default filter rules of the hXX products, it is almost that if you replace the "leaky drop" rule at the end of each chain (input and forward) by a complete drop. Or check this . Awesome, thanks, looks like good start. The "logics" part of my brain is wantin...
by rules
Wed Jul 17, 2019 9:12 pm
Forum: General
Topic: VLAN within a VLAN
Replies: 5
Views: 527

Re: VLAN within a VLAN

You could also try to run l2vpn over mpls through that link.
That's plan B incase the additional VLANs don't pan out ๐Ÿ˜‰
by rules
Wed Jul 17, 2019 7:29 pm
Forum: General
Topic: Block all, allow some Firewall
Replies: 3
Views: 393

Block all, allow some Firewall

Hi All Recently did my first Mikrotik course, so well on my way to global domination ๐Ÿ˜… ... but first some random stupid questions ... How would you configure a firewall to block everything coming in and only configuring certain things to pass through? Is it literally just the rules in the firewall o...
by rules
Wed Jul 17, 2019 7:07 pm
Forum: General
Topic: VLAN within a VLAN
Replies: 5
Views: 527

Re: VLAN within a VLAN

Thanks for the replies. It seems even though it might be an option, QinQ is not as simplistic a solution as I imagined and could be problematic going through a plethora of Ciscos. It does seem like the corporate guys will grant us another VLAN or two which will make things a lot simpler.

Cheers,
R
by rules
Wed Jul 17, 2019 6:24 am
Forum: General
Topic: VLAN within a VLAN
Replies: 5
Views: 527

VLAN within a VLAN

Hi All We have a "small" network which spans across a large geographical area and as a means of connecting all the remote locations we utilise a VLAN on another entities corporate network. We have come to a point though where we would like to start segmenting our network and I was wondering if it's ...
by rules
Mon Feb 25, 2019 11:07 am
Forum: Beginner Basics
Topic: Routing terms perspective ... which side is which?
Replies: 8
Views: 816

Re: Routing terms perspective ... which side is which?

Thanks a million Rainbow Dash ... I'll make sense of all this stuff yet :wink:
by rules
Mon Feb 25, 2019 8:40 am
Forum: Beginner Basics
Topic: Routing terms perspective ... which side is which?
Replies: 8
Views: 816

Re: Routing terms perspective ... which side is which?

Ah ok, so my understanding was somewhat correct in that source and destination continually changes due to it being a two way communication. Would it then be correct to overly simply things by saying that the source and destination referred to in the NAT/Mangle etc. settings, are from the perspective...
by rules
Sun Feb 24, 2019 9:04 pm
Forum: Beginner Basics
Topic: Routing terms perspective ... which side is which?
Replies: 8
Views: 816

Routing terms perspective ... which side is which?

Hi All I'm going for the "most ridiculous question asked" award, but I'm learning the hard way so it will help tremendously if I can grasp this, so here goes ... When looking at the routing/NAT/Mangle etc. configs, from which perspective to we look at things like src and dst (interface/address/port ...
by rules
Thu Feb 21, 2019 9:45 pm
Forum: Beginner Basics
Topic: Multiple L2TP/IPsec client connections from RB931
Replies: 2
Views: 239

Re: Multiple L2TP/IPsec client connections from RB931

This is what it shows in the log ...

https://imgur.com/a/ZiWTaPo
by rules
Thu Feb 21, 2019 9:14 pm
Forum: Beginner Basics
Topic: Multiple L2TP/IPsec client connections from RB931
Replies: 2
Views: 239

Multiple L2TP/IPsec client connections from RB931

Hi All We have one Mikrotik device we would like to use to manage multiple L2TP/IPsec connections for various remote sites in order that we can have one point of contact for access to multiple networks. So I have configured one already which works like a charm (well it does now, about 5 days later :...
by rules
Thu Feb 21, 2019 9:06 pm
Forum: Beginner Basics
Topic: L2TP/IPsec connection without sharing internet [SOLVED]
Replies: 5
Views: 565

Re: L2TP/IPsec connection without sharing internet [SOLVED]

Hi Steve Thanks, worked like a charm. I modified the Mangle rule I created while setting up the VPN (following someone else's tutorial :wink: ) and basically specified the remote network's IP range to be tagged as VPN data. I'm assuming this means it leaves all other data this side. Furthering netwo...
by rules
Thu Feb 21, 2019 8:56 am
Forum: Beginner Basics
Topic: L2TP/IPsec connection without sharing internet [SOLVED]
Replies: 5
Views: 565

L2TP/IPsec connection without sharing internet [SOLVED]

Hi All

I configured our RB931 to connect to a remote L2TP server, which works fine, but I would prefer if all internet traffic did not go across the tunnel as well. I remember on Windows there was an option to unselect (something about remote gateway). How would I do this on our Mikrotik?

Thanks,
R