For a while now I have had a RouterBOARD from MikroTik with RouterOS on it.
I've set up an EoIP tunnel to another WAN network. I see the requests from the other WAN network, but these connections keep getting unreplied.
What I want to make is an EoIP tunnel from the second WAN location to the first, but at location 1 the connection must be bridged to a specified VLAN.
Because the application which needs to be bridged to a VLAN doesn't use IPs, it needs to be an L2 tunnel.
Make sure that both routers allow the opposite side’s IP in their firewall.
If the MikroTik uses the typical basic "accept established, accept related, drop everything else" rule chain on the WAN interface, then neither side will reply to the other's request to start the tunnel.
If sites are 1.1.1.1 and 2.2.2.2, then on 1.1.1.1, add a rule in the input chain to accept src-address=2.2.2.2, and on site 2, add a rule to accept src-address=1.1.1.1.
You could specify GRE as the protocol to match in these new rules if you want to get extra paranoid about things.
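
The input-chain order described in the answer above, written out as RouterOS commands for both routers. This is an added example, not part of the original posts: ether1 as the WAN interface and the rule comments are assumptions, and 1.1.1.1 / 2.2.2.2 are the placeholder addresses used in the answer.

```routeros
# ---- Site 1 (WAN address 1.1.1.1) ----
# Resulting order of the input chain. The EoIP accept rule has to sit
# ABOVE the final drop rule, otherwise the peer's packets never match it.
/ip firewall filter
add chain=input action=accept connection-state=established,related \
    comment="accept established, related"
# EoIP is carried in GRE (IP protocol 47); match only the peer's address.
add chain=input action=accept protocol=gre src-address=2.2.2.2 \
    in-interface=ether1 comment="EoIP from site 2"
add chain=input action=drop in-interface=ether1 \
    comment="drop everything else from WAN"

# ---- Site 2 (WAN address 2.2.2.2) ----
# Same ruleset, mirrored: accept GRE from site 1.
/ip firewall filter
add chain=input action=accept connection-state=established,related \
    comment="accept established, related"
add chain=input action=accept protocol=gre src-address=1.1.1.1 \
    in-interface=ether1 comment="EoIP from site 1"
add chain=input action=drop in-interface=ether1 \
    comment="drop everything else from WAN"

# Check on each router: the packet counter of the "EoIP from site N" rule
# should increase once the peer starts sending tunnel traffic.
/ip firewall filter print stats where chain=input
```

On a router that already has the drop rule, add only the GRE accept rule and move it above the drop rule; a rule appended at the end of the chain is never reached.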