Hi,
I have to create a remote office (secure link) to the main office, my problem is how to manage the 4 vlans between remote mikrotik and mikrotik of the main office.
sstp working fine, but vlans not working … I missed something ?
any idea ? and how to do it (the good way)
Thank you for help
Bridging layer 2 over the Internet is not ideal. Do you truly need the same broadcast domain and IP addresses in the 2 different locations? If not there are far better ways to go.
Hi idlemind,
I’m open to any suggestions,
(I have 1 software and it’s the problem, but I can do some modifications)
I have 4 vlan, for ip phone, for special communication software, etc
4 remotes links to main office over internet
Thank you for your answer
For the actual need of bridging a VLAN over the Internet look at MikroTik’s Ethernet over IP.
https://wiki.mikrotik.com/wiki/Manual:Interface/EoIP
Remember that you are bridging so all layer 2 traffic like broadcasts and spanning tree topology are going to go over the Internet to the second location. Also if a break in the tunnel occurs how is the split brain logic handled within your applications? Do your applications converge correctly after a break is restored? Typically this is done by having a verification or quorum device/vm. The quorum device is in one of 2 locations or a cloud service
At the very least you’ll want to look at VRRP to assign an IP for use as a default gateway for the clients.
https://wiki.mikrotik.com/wiki/Manual:Interface/VRRP
I’d recommend splitting all the traffic into different layer 3 domains. If your specialty application just cannot be split using load balancing, multicast or any other method then resort to EoIP. Technologies like VoIP shouldn’t require shared layer 2, not sure of your provider or technology though. If the VoIP application requires multicast you can use a site to site GRE tunnel wrapped in IPSec. GRE will do multicast.
Hi idlemind,
after your answer, I found this example:
https://mum.mikrotik.com//presentations/MM15/presentation_2962_1445240964.pdf
I will do a test and check the speed between branch and office
Thank you