/ip ipsec policy
add action=encrypt tunnel=yes proposal=ikev2 src-address=10.0.88.0/24 dst-address=192.168.95.0/24
/ip ipsec policy
add action=encrypt tunnel=yes proposal=ikev2 dst-address=10.0.88.0/24 src-address=192.168.95.0/24
Shouldn't the address be something other than 192.168.1.1? Maybe .2?/ip address
[...]
add address=192.168.1.1/24 interface=sfp1 network=192.168.1.0
/ip firewall nat
add action=src-nat chain=srcnat src-address=10.0.100.0/24 to-addresses=188.213.95.249
May we then have a look at the exported config of the router?I did this, but I had no luck and how can I grant access only to the printer IP?
/ip route
add dst-address=192.168.18.0/23 gateway=192.168.18.1
/interface list member
add interface=sfp1 list=WAN
Better create a L2TP server here too, because PPTP is deprected.i want to create a pptp vpn server
/interface ethernet switch rule
add new-dst-ports=etherx,ethery src-address=x.x.x.x ports=ethera,etherb
/ip firewall filter
add action=accept chain=input protocol=tcp dst-port=1723
add action=accept chain=input protocol=47
But at least color contrast was fine 😅
So the name is lo:I get "input does not match any value of interface". I see a lo interface, but not a lo1.
/ip address
add address=192.168.10.1/24 interface=lo
/ip ipsec policy group
add name=ikev2-policies
/ip ipsec policy
add dst-address=192.168.10.0/24 group=ike2-policies proposal=proposal1 src-address=0.0.0.0/0 template=yes
/ip address
add address=192.168.10.1/24 interface=lo1
add address=192.168.170.0/28 interface=openmetallab-management-vlan170 \
network=192.168.170.0
/system logging
add topics=ipsec,!debug
/system logging
add action=memory topic=ipsec,!debug
No need to be, IPsec on MikroTik and overall is a bit finickyalso sorry for maybe dumb questions but im still quite new to thee VPNs in mikrotik.
/ip ipsec policy
add action=encrypt src-address=192.168.1.0/24 dst-address=171.11.153.20
/ip route
add dst-address=192.168.1.116 gateway=<l2tp client interface>
/routing table
add fib name=through_VPN
/ip route
add dst-address=0.0.0.0/0 gateway="remote tunnel IP"
/routing rule
add src-address=192.168.1.116 action=lookup-only-in-table table=through_VPN
/ip firewall nat
add action=masquerade chain=srcnat out-interface=sfp-sfpplus1
/ip firewall nat
set 1 src-address=192.168.0.18 dst-address="" src-port=9050 dst-port=""
set 11 src-address="" dst-address="WAN_address"
/export file=anynameyouwish