interface and pptp bridging issue

Ehman · September 12, 2012, 12:21am

Hi folks

I being trying to make a pptp server bridge up with Eth1,2,3,4,5

I’ve got my eth1,2,3,4,5 in a bridge, now I want to bridge that with my pptp server so that the vpn connections that dial in can have all access to everything thats plugged into eth1,2,3,4,5

The IP Address of the group is 10.0.0.1, and its bridged with eth1,2,3,4,5

DHCP server set on the pptp sever, dhcp_pool1 of 10.0.0.10-10.0.0.254

local address of remote address in PPP profile is 10.0.0.8 and remote address is set to the dhcp_pool1, ive set the remote address to 10.0.0.1 just to test, same result

I cant get this to work, in winbox PPP > Profiles > Bridge (just below the remote address field).. and then I selected my bridge with all the 5 eth in, still doest work

your help would be much appreciated

thx

janisk · September 12, 2012, 6:25am

to bridge pptp you have to bridge both ends of the tunnel. Other way, just skip the bridge part and route the traffic.

See manual on wiki.mikrotik.com where it is described.

Ehman · September 12, 2012, 8:52pm

http://wiki.mikrotik.com/wiki/Manual:BCP_bridging_(PPP_tunnel_bridging)

its bridged at both ends now and working, do I need to enable rstp on the bridges? …its running fine without rstp …but I don’t want to create a loop or blackhole, hehe

Ehman · September 19, 2012, 10:21am

monster issue’s now! :*(

I can ping it everything, but thats about it!, if proper traffic wants to flows via the tunnel then its supper unstable, not even radius requests want to go via the tunnel but I can ping the radius server, I get the impression it can only handle super small packets

janisk · September 20, 2012, 7:27am

you need rstp only if you have several bridges interconnected and there would be a possibility of loop in the topology of the network. If you have just bridged interface with pptp tunnel on each end, most probably rstp is not required.

you can check with different ICMP package sizes, what is MTU of the link.

Ehman · September 20, 2012, 10:07am

Hi, yea the problem got fixed with adding 1600 mrru on the client side aswell, no everything is working a 100%
but rstp is making to much traffic over the bridges over the internet

just 1 thing I’m bothered about, the pptp server is also hookup up to the internet, and so are the client device, but its not the same internet, so why doesn’t the client tries to get internet from the server via the tunnel?

I’ve got a NAT rule on both routers on out interface is set to WAN and then on masquerade, but if I disable it on the client side, it doest really make a impact

I’m very scared about this issue now, it would suck if all clients try to get internet via the tunnel