How to get two subnets to communicate?

Hello, I have two routers in two different networks:
10.0.8.0/24 and 10.0.58.0/24.
I want to make these two subnets see each other.
I added

ip firewall filter add action=accept chain=forward dst-address=10.0.58.0/24

and a different one in the other router, but there is no connection between them. Where am I wrong?

Are the two subnets attached to the same router? If not, how are the two routers connected? Directly or over some VPN? You will need to install the necessary routes with next hop addresses in each router as well, and how you do that depends on your answers.

No, the subnets are on different routers: two routers and two subnets, one per router. These two routers are connected via VPN to the main router.

So in reality you have 3 routers, not just two. Do you want the two routers to communicate to each other over the main one?

Depending on the type of VPN you are using, L2TP, PPTP, EoIP, etc. the virtual interface should have an IP address assigned to it, an address and network IP if you look at your address list.

For the first router's routing table set 10.0.8.0/24 as reachable by the network address, this should be pointed to the core router.
For the core router, set 10.0.8.0/24 as reachable by the IP address assigned to your second router.
For the second router set 10.0.58.0/24 as reachable by the core router.
And in the core router set 10.0.58.0/24 as reachable by the first one.

You will need to make sure that the core router will allow forwarding between the tunnel interfaces in its firewall.

If you are using pure IPSec, things get a bit more complex since there is no virtual interface created so you cannot make the routing changes needed through the routing table. Instead you need to use the IPSec policies on each router to control how traffic is sent, especially if you wanted them to communicate through the core router instead of directly.

You do this by specifying the src. address and dst. address in the policy, and you determine where traffic is sent by using the SA src. address and SA dst. address.

I managed to succeed at something. In the routes of these two routers I added the whole subnet of the second router as the destination address, with the gateway set to l2tp, through which I have access to them with the main router. So in my main router I have an L2TP connection over IPsec.

And now the two routers can communicate and can see anything in the network, but the problem is that some PC in one network can't see a PC in the other.

Chances are it’s the built-in Windows firewall preventing it.

I also have Linux machines, and no ping as well.

A question. I have a working IPsec connection: I can ping between the two networks, 172.16.0.0/24 → 172.16.1.0/24 as well as 172.16.1.0/24 → 172.16.0.0/24, but I can’t connect via Winbox or Telnet to the router from the other network.
To explain: if my laptop has the IP 172.16.0.100 and I want to reach the router at 172.16.1.1, I can’t connect… Can you help me?

Just to make clear, what is your type of network, please confirm if your network looks like THIS

  1. Which of these routers are MikroTiks?
  2. What are their private IPs?
  3. Are router1 and router2 connected to router3 via the Internet?
  4. Is router3 doing anything else, or is it just a VPN server for the others? Just asking if it’s possible to eliminate it.

Yes, it is my setup. One core router which provides PPP tunneling to the other routers.
So the first subnet is 10.0.8.0/24, and the second is 10.0.58.0/24.
When I add a route that accepts all addresses via the l2tp gateway, the router can see all devices of the other router, but a device in one router doesn't see a device in the other.
I don’t know why.

Do not just ping, do traceroute. This way we will know which router doesn’t know the route to your destination.
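
The following is an added example, not part of the thread: a small model of the three routing tables that traces a packet hop by hop, the way the traceroute suggested above would, and shows that a ping needs a route at every hop in both directions. The subnets are the ones from the thread; the host addresses, the router names and the assumption that 10.0.8.0/24 sits behind router1 and 10.0.58.0/24 behind router2 are constructed for illustration.

```python
import ipaddress

# Subnets are from the thread; which LAN sits behind which router is an assumption.
# A next hop is a router name, or "LAN" for a directly connected subnet.
# Default routes are left out so that a missing route shows up as "no route".
def build_tables(router2_has_return_route=True):
    n = ipaddress.ip_network
    tables = {
        "router1": [(n("10.0.8.0/24"), "LAN"), (n("10.0.58.0/24"), "core")],
        "core": [(n("10.0.8.0/24"), "router1"), (n("10.0.58.0/24"), "router2")],
        "router2": [(n("10.0.58.0/24"), "LAN")],
    }
    if router2_has_return_route:
        tables["router2"].append((n("10.0.8.0/24"), "core"))
    return tables

def lookup(table, dst):
    """Longest-prefix match; returns the next hop or None."""
    matches = [(p, nh) for p, nh in table if dst in p]
    return max(matches, key=lambda m: m[0].prefixlen)[1] if matches else None

def trace(tables, start, dst_ip, max_hops=8):
    """Follow the packet router by router, as traceroute would report it."""
    dst, hop, path = ipaddress.ip_address(dst_ip), start, []
    for _ in range(max_hops):
        path.append(hop)
        nh = lookup(tables[hop], dst)
        if nh is None:
            return path, "no route at " + hop
        if nh == "LAN":
            return path, "delivered"
        hop = nh
    return path, "routing loop"

def ping(tables, src_router, src_ip, dst_ip):
    """A ping succeeds only if the request and the reply are both delivered."""
    fwd_path, fwd = trace(tables, src_router, dst_ip)
    if fwd != "delivered":
        return "request: " + fwd
    _, back = trace(tables, fwd_path[-1], src_ip)
    return "ok" if back == "delivered" else "reply: " + back

if __name__ == "__main__":
    # Constructed host addresses: 10.0.8.10 behind router1, 10.0.58.20 behind router2.
    for label, t in (("all routes present", build_tables()),
                     ("router2 lacks return route", build_tables(False))):
        print(label, "->", ping(t, "router1", "10.0.8.10", "10.0.58.20"))
```
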