connect to router using an external IP

I have a sim that doesn’t have a legal IP -
I can find out my external IP with my http://myip.dnsomatic.com/
but if I try to do an EOIP tunnel between them I don’t get any reply (the other router has a legal IP)
is there a reason?
can I do this at all?

Thanks ,

can you ping the other router IP from the “private IP” router?

no I don’t have - but I think that the ISP is denying ping

Check your firewall rules in input chain.

there aren’t any rules

the only rule I have is masquerade and this is all

maybe this will help some more
Router#1 - connects to the internet using pppoe , I have a static IP “legal”.
Router#2 - connects to the internet using 4G modem , I don’t have static IP.
I want to be able to make them work in the same network - so I want to use EOIP

I know how to get my external IP in Router#2

so what else should I do ?

I don’t see the difference between what I’m trying to do and any other DDNS service

Thanks ,

If I’m understanding correctly, your 4G connection is using CGNAT (carrier NAT), so you aren’t being assigned a public IP directly but instead a private IP address that they manage. They then NAT the traffic out a specific set of IP addresses, probably shared by hundreds to thousands of users/devices.

In this type of configuration, ANY remote connectivity is going to have to be initiated by your router with the 4G card. You don’t have any control over the port forwarding or firewall rules of the public IP, so the only thing you can do is initiate connections.

In some cases, you can pay an additional fee for a public IP address on your 4G card. This would eliminate any of the CGNAT issues you are encountering.

If you don’t want to pay extra for a public IP on your 4G, I would advise you set router#2 to dial a PPP connection or L2TP connection to router#1, then run your EoIP tunnel over the PPP connection.
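A check for the situation described in the answer above, added here as an example and not part of the original thread: it classifies the address on the WAN interface, compares it with the address a what-is-my-IP service reports, and says which side has to initiate the tunnel. The function names are hypothetical; `10.169.4.180` is the lte1 address shown later in the thread, `82.92.159.1` is the `connect-to` address from the thread, and `203.0.113.7` is a constructed documentation address standing in for the externally observed IP.

```python
import ipaddress

# Ranges that are never routed on the public internet (IPv4 only).
NON_PUBLIC = {
    "rfc1918": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"],
    "cgnat-rfc6598": ["100.64.0.0/10"],  # shared space reserved for carrier NAT
}


def classify(addr):
    """Return 'rfc1918', 'cgnat-rfc6598' or 'public' for an IPv4 address."""
    ip = ipaddress.ip_address(addr)
    for label, nets in NON_PUBLIC.items():
        if any(ip in ipaddress.ip_network(n) for n in nets):
            return label
    return "public"


def tunnel_plan(wan_addr, observed_addr):
    """Decide which side must initiate a tunnel.

    wan_addr      -- address assigned to the router's WAN interface
    observed_addr -- address reported by an external what-is-my-IP service
    """
    wan_class = classify(wan_addr)
    # If the outside world sees a different address, something upstream
    # is translating, and inbound sessions cannot reach this router.
    translated = ipaddress.ip_address(wan_addr) != ipaddress.ip_address(observed_addr)
    behind_nat = translated or wan_class != "public"
    return {
        "wan_class": wan_class,
        "behind_nat": behind_nat,
        # Behind carrier NAT only outbound sessions work, so this router
        # has to dial out (for example L2TP) and carry EoIP inside that.
        "initiator": "this-router" if behind_nat else "either",
    }


if __name__ == "__main__":
    # Constructed sample input: Router#2 on 4G, then Router#1 on PPPoE.
    for wan, seen in [("10.169.4.180", "203.0.113.7"),
                      ("82.92.159.1", "82.92.159.1")]:
        print(wan, seen, tunnel_plan(wan, seen))
```
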

O.K
I managed to create an L2TP server and client , Thanks !

now I want to do EOIP of both sides
so just tell me if this is O.K

on Router#1 - server side IP:10.0.0.111
this is what I gave :

name="Home" service=l2tp caller-id="" password="123" profile=default 
     local-address=172.16.5.254 remote-address=172.16.5.1 routes="" 
     limit-bytes-in=0 limit-bytes-out=0 last-logged-out=jul/14/2015 17:39:34

I can give whatever I want , right? in the local\remote address - it has no meaning ?
also

 0  R name="eoip-tunnel1" mtu=auto actual-mtu=1408 l2mtu=65535 
      mac-address=07:72:9A:F1:F2:86 arp=enabled local-address=0.0.0.0 
      remote-address=172.16.5.1 tunnel-id=5 dscp=inherit clamp-tcp-mss=yes 
      dont-fragment=no

on Router#2 - client side IP:10.0.0.1

0  R name="l2tp-out2" max-mtu=1450 max-mru=1450 mrru=disabled 
      connect-to=82.92.159.1 user="Home" password="123" 
      profile=default-encryption keepalive-timeout=60 add-default-route=no 
      dial-on-demand=no allow=pap,chap,mschap1,mschap2

and also

 R name="eoip-tunnel1" mtu=auto actual-mtu=1408 l2mtu=65535 
      mac-address=04:32:1B:D2:D5:DF arp=enabled local-address=0.0.0.0 
      remote-address=172.16.5.254 tunnel-id=5 dscp=inherit clamp-tcp-mss=yes 
      dont-fragment=no

I have ping from 10.0.0.1 to 10.0.0.111

so do I need to do something else? or this is how to do this?

also can I create 2 servers on the same router?
let's say I have 2 pppoe connections to the internet on the same router , and I want different clients to connect to different servers
doable?

Thanks ,

Looks like you’ve got the right idea down. Once you establish your L2TP connection between router 1 and router 2, you can use the PPP addresses to create your EoIP tunnel and bridge to any interfaces you wish.

On the PPPoE scenario, you can do this but you’ll have to follow one of the guides on creating a router with dual WAN and load balancing. You’re going to have to create some routing marks and mangle rules to “mark” the traffic so that the router knows which interface the traffic comes in and goes out.

o.k. ,
I have tried many settings in the firewall from all kinds of guides , with all of them I didn’t manage to make this work
this is the best I could do - and sometimes I can see both sims are working together ,
for example :
I’m trying to download a 100MB file , at start I can see both sims are downloading at 3.5 and 3.5 , but then after ~3 min
one sim has stopped downloading , and I download only from 1 at speed of 3.5Mbps.
after 5 more min the second sim returns to download - works for 4 min and then stops again

can you understand why ?

/ip firewall filter
add action=drop chain=input dst-address=10.0.0.1 in-interface=all-wireless \
    src-address=172.20.164.0/24
/ip firewall mangle
add action=mark-connection chain=input in-interface=lte1 \
    new-connection-mark=LTE1_ConnM
add action=mark-connection chain=input in-interface=lte2-external \
    new-connection-mark=LTE2_ConnM
add action=mark-routing chain=output connection-mark=LTE1_ConnM \
    new-routing-mark=na_LTE1
add action=mark-routing chain=output connection-mark=LTE2_ConnM \
    new-routing-mark=na_LTE2
add chain=prerouting dst-address=10.169.4.0/24 in-interface=ether1
add chain=prerouting dst-address=10.43.59.0/24 in-interface=ether1
add action=mark-connection chain=prerouting dst-address-type=!local \
    in-interface=ether1 new-connection-mark=LTE1_ConnM \
    per-connection-classifier=both-addresses-and-ports:2/0
add action=mark-connection chain=prerouting dst-address-type=!local \
    in-interface=ether1 new-connection-mark=LTE2_ConnM \
    per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-routing chain=prerouting connection-mark=LTE1_ConnM \
    in-interface=ether1 new-routing-mark=na_LTE1
add action=mark-routing chain=prerouting connection-mark=LTE2_ConnM \
    in-interface=ether1 new-routing-mark=na_LTE2
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here" disabled=yes
add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here" disabled=yes to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
    disabled=yes src-address=172.20.164.0/24 to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment="masquerade ethernet network" \
    disabled=yes src-address=10.0.0.0/24 to-addresses=0.0.0.0
add action=masquerade chain=srcnat out-interface=lte1
add action=masquerade chain=srcnat out-interface=lte2-external



 ip address print
Flags: X - disabled, I - invalid, D - dynamic
 #   ADDRESS            NETWORK         INTERFACE
 0   10.0.0.1/24        10.0.0.0        bridge1
 1 I 172.20.164.254/24  172.20.164.0    wlan1
 2 D 10.169.4.180/24    10.169.4.0      lte1
 3 D 10.43.13.84/24     10.43.13.0      lte2-external

do you know about a guide that really works? or even someone who has done this ?

Thanks ,