I’m fairly new with Mikrotik Routerboards. And the first problem I’m having is frustrating me even further.
The guy that made the initial setup is currently unavailable, and of course this matter is extremely urgent now
We have a RB751U-2HnD.
A VPN IPSec tunnel (lan-to-lan) is already created to a partner. Our partner is having another VPN tunnel (same kind) to a third company.
They are now requiring to chain the VPN’s, so we can access the third company network too.
I’m provided only with the public IP of the third company network. And I don’t know where to put it.
Already checked what we have in IP → IPSec → Polices/Peers/…
The current settings are there, but can’t figure by my own, where the new ones should be added.
I have some network knowledge, but not that much
So it seems the provided additional info, was not really useful for us.
I’m not sure if this is the proper way to do such chain, but I’m adding a static route from local network to the gateway in remote network that is starting the second VPN.
The static route might be a valid way to do this, but it is not the most resource efficient especially if your partner is on a slow Internet line. All traffic between you and the third company goes into their network and comes out causing a double traffic load.
If this is just going to be 3 nodes, you can set up a VPN to the third company directly and set up the proper routing. If you want a truly extensible topology, you could rent a VPS at a local datacenter and set up RouterOS on that. Everyone then can connect to the central node only.
Well, than it will not be a VPN tunnel chain, and that’s the main task here.
It’s not something I could decide differently - not up to me.
I just need to know the proper way to create such chain.
The VPN chain is now on hold, since we noticed the surprisingly low speed of the current tunnel.
The tunnel is used to access windows 2008 file server.
Both sides have at least 10 megabit connection to internet (both ways).
Still we get only 100 KB/s transfer speed. And I have no clue what might the problem be.
What is the approximate slowdown that we should expect from VPN overhead and heavy encryption?
