Hi guys… as listed above, I set up a very simple L2TP VPN from my house's client to my office… I can ping from router to router but not from router to LAN… I set a static route as well and a src masquerade on both sides…
Mikrotik client side:
/interface ethernet
set [ find default-name=ether1 ] disabled=yes
/interface l2tp-client
add connect-to=iel.dnsalias.com disabled=no name="Vpn tunnel" password=rosati1 user=rosati1
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa-psk,wpa2-psk eap-methods="" group-ciphers=tkip,aes-ccm management-protection=allowed mode=dynamic-keys name=iphone supplicant-identity="" unicast-ciphers=tkip,aes-ccm wpa-pre-shared-key=lucaluca wpa2-pre-shared-key=lucaluca
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n country=italy disabled=no mode=station-pseudobridge security-profile=iphone ssid="iPhone di Luca"
/ip pool
add name="pool service" ranges=10.10.10.10-10.10.10.20
/ip dhcp-server
add address-pool="pool service" disabled=no interface=ether3 name="Dhcp servicec"
/ip address
add address=192.168.11.244/24 comment=Wan interface=ether1 network=192.168.11.0
add address=10.10.200.1/24 comment="Centrale Tecnoalarm" interface=ether2 network=10.10.200.0
add address=10.10.10.1/24 comment="Lan service" interface=ether3 network=10.10.10.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=wlan1
/ip dhcp-server network
add address=10.10.10.0/24 dns-server=8.8.8.8 gateway=10.10.10.1
/ip dns
set servers=8.8.8.8
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=dst-nat chain=dstnat dst-port=10003 protocol=tcp to-addresses=10.10.200.2 to-ports=10003
add action=masquerade chain=srcnat out-interface=wlan1
/ip route
add distance=1 dst-address=192.168.200.0/24 gateway=10.10.100.1
/system clock
set time-zone-name=Europe/Rome
Mikrotik Server side
/interface bridge
add comment="Bridge lan ufficio" name="bridge lan"
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name="pool indirizzi lan" ranges=192.168.200.10-192.168.200.20
add name="pool indirizzi vpn" ranges=10.10.100.2-10.10.100.250
/ip dhcp-server
add address-pool="pool indirizzi lan" disabled=no interface="bridge lan" name=server1
/ppp profile
set *0 local-address=10.10.100.1
/interface bridge port
add bridge="bridge lan" interface=ether3
add bridge="bridge lan" interface=ether4
add bridge="bridge lan" interface=ether5
/interface l2tp-server server
set default-profile=default enabled=yes
/ip address
add address=192.168.100.1/24 comment="Lan ufficio" interface=ether3 network=192.168.100.0
add address=192.168.1.176/24 comment="Porta WAN" interface=ether1 network=192.168.1.0
add address=192.168.200.1/24 comment="Dmz Server Tecnoalarm" interface=ether2 network=192.168.200.0
/ip dhcp-server network
add address=192.168.200.0/24 dns-server=8.8.8.8 gateway=192.168.200.1
/ip dns
set servers=8.8.8.8
/ip firewall nat
add action=dst-nat chain=dstnat dst-port=10020 in-interface=ether1 protocol=tcp to-addresses=192.168.200.2 to-ports=10020
add action=masquerade chain=srcnat comment="Navigazione generale uffiico" out-interface=ether1
/ip route
add distance=1 gateway=192.168.1.1
add distance=1 dst-address=10.10.200.0/24 gateway=10.10.100.50
/ppp secret
add name=rosati1 password=rosati1 remote-address=10.10.100.50
/system clock
set time-zone-name=Europe/Rome
/system identity
set name="Router ufficio"
/system leds
add
/system logging
add action=disk topics=l2tp
add topics=ppp
add topics=account
/system ntp client
set enabled=yes primary-ntp=216.239.35.8 secondary-ntp=213.251.52.250 server-dns-names=8.8.4.4.
/system package update
set channel=bugfix
[admin@Router ufficio] >
Here below are the routes:
Route client to office: add distance=1 dst-address=192.168.200.0/24 gateway=10.10.100.1
Route office to client: add distance=1 dst-address=10.10.200.0/24 gateway=10.10.100.50
This is the configuration that I have tried with a hotspot, thinking the issue was the telephone line…
All firewall rules are disabled… no drop in any chain…
Please, any advice… thanks