I posted a problem last week about not being able to see beyond the Mikrotik servers using an EOIP tunnel. Since that time, I have managed to achieve one way traffic (not sure how). If anyone could help me achieve bi-directional traffic, I would greatly appreaciate it.
I have two mikrotik routers, RB493 (Server) and a
RB450(Client). I have established the tunnel and
am able to ping the internet and both routers. I
am also able to ping the machine (192.168.3.197)
behind the client router(192.168.3.1).
I seem to of have established a one way traffic system as
I am not able to ping the machine (192.168.5.99)
behind the server router (192.168.5.1).
I know the issue lies with the routing / Nat, but I just do not know where to look anymore. I have read the manual and searched, but I am out of ideas.
Any help anyone could give me would be greatly appreciated.
My setup is as follows:
Client - Ether1 is connected to static IP, all
other ethers,wireless and EOIP are bridged into
bridge1
/ip route
add comment=“” disabled=no distance=1
dst-address=0.0.0.0/0 gateway=
66.xxx.xxx.250 scope=30 target-scope=10
add check-gateway=ping comment=“” disabled=no
distance=1 dst-address=
192.168.5.0/24 gateway=192.168.4.1,bridge1
scope=30 target-scope=10
/ip firewall nat
add action=masquerade chain=srcnat comment=“”
disabled=no out-interface=
ether1
/interface pptp-client
add add-default-route=yes
allow=pap,chap,mschap1,mschap2 comment=“”
connect-to=74.xxx.x.164 disabled=no max-mru=1460
max-mtu=1460 mrru=
disabled name=pptp password=xxx
profile=default-encryption user=
xxx
Server Ether1 is connected to PPPOE IP, all
other ethers and EOIP are bridged into bridge1
/ip firewall nat
add action=masquerade chain=srcnat comment=“”
disabled=no out-interface=
pppoe-user-phil
/ip route
add comment=“” disabled=no distance=1
dst-address=0.0.0.0/0 gateway=
66.xxx.xxx.148,pppoe-user-phil scope=30
target-scope=10
add comment=“” disabled=no distance=1
dst-address=192.168.3.0/24 gateway=
192.168.4.2,bridge1 scope=30 target-scope=10
/interface pptp-server
add comment=“” disabled=no name=from_remote
user=admin
/interface pptp-server server
set authentication=mschap1,mschap2
default-profile=default-encryption
enabled=yes keepalive-timeout=30 max-mru=1460
max-mtu=1460 mrru=disabled