Hello,
I’ve tried searching the forums but haven’t found anything that has worked. I currently have a Mikrotik Groove 52hpn that I am setting up as my boat gateway. On board I have a Raspberry Pi with two separate wifi adapters that provides wifi on board but cannot see or connect to the Marina wifi. What I would like to do is use the groove to connect to my marina wifi and provide a vpn tunnel back home so that I can work on my boat pi remotely. I am able to create a pptp tunnel to my home dd-wrt router and am assigned an ip address in my vpn range. From the pi I can ping my home gateway so the tunnel is working from boat to home. What I’m having issues with is accessing the boat from home. I’m pretty sure it’s a routing/firewal/nat issue but I haven’t been able to work it all out.
for reference:
Boat Pi (LAN 172.16.15.0/16 - WAN 192.168.88.100)-> ethernet → Groove 52hpn (LAN 192.168.88.0/24 - WAN 192.168.1.0/24)-> wifi → Marina hotspot (LAN 192.168.1.0/24 - WAN internet IP) → internet → Home DD-WRT router/PPTP server (WAN internet IP - LAN 192.168.127.0/24)
With everything up and running I can ping hosts on my home internal network from the boat. I can see the vpn connection on my home router including the IP assigned. Also, if the link drops the groove will reestablish the vpn automatically when the wan link is restored. The problem is that when the vpn is connected I cannot ssh to my boat computer from home. I have tried several suggestions that I found by searching through the forums here but none have worked. I know there needs to be a properly written dst-nat ruleset to allow traffic to flow the opposite way but I can’t seem to get the right combination to make it work.
I have also tried starting the vpn connection from the pi and can get it to auto connect vpn when the ethernet interface comes up but the link is flaky and I cannot get it to stay up nor can I get it to reconnect if it drops. When connected this way everything works fine and only 2 rules are required.
If anyone has any suggestions please let me know. This should be a simple solution but I’m at a loss as to what it should be.
Thanks,
Chris