Hi all,

I’ve followed this set of instructions to setup L2TP/IPSec VPN. http://www.nasa-security.net/mikrotik/mikrotik-l2tp-with-ipsec/
Cross reverenced with some stuff i found on the wiki.
This has been a limited success.
I can connect to the VPN from my iPhone, i get a correct address from the pool i defined.
Everything ‘looks’ good.

Then came testing..
From the Phone i can ping the routers IP.
From the router i can ping the phone.

But from the phone i can not ping the test PC on the LAN, nor the phone from the test PC on the LAN.

My first thought was some kind of firewall rule, thats when i figured out ROS is default allow, so a) good thing this is all desk play right now b) not a firewall issue i would think..

If it helps.
router is 10.1.2.1
LAN is 10.1.2.0/24

[admin@Big Bass] /ip pool> print

NAME RANGES

0 dhcp 10.1.2.2-10.1.2.50
1 L2TP-Pool 10.1.2.51-10.1.2.60


I’m thinking i’m missing something basic.. like adding or forwarding the traffic to a default bridge or something, but i would think something like that would have been mentioned somewhere in my searching.

Do you have proxy-arp setup on the LAN interface? Try that and tell me if it works for you. If it doesn’t then, please post your config.

I did not have proxy-arp enabled.
enabling it on ether2-master-local didn’t do it..
But
enabling it on bridge-local instead did the trick..
Which does make some sense, since its a RB951G, so WiFi, and the phone was on WiFi..

I did not have proxy-arp enabled.
enabling it on ether2-master-local didn’t do it..
But
enabling it on bridge-local instead did the trick..
Which does make some sense, since its a RB951G, so WiFi, and the phone was on WiFi..

Fantastic! I’m glad that did the trick for you