Hello,
I’m looking for best tutorial for l2tp with ipsec.
I’ve configured but when I connect to vpn I can’t get Internet connect - it’s not working.
How can I fix that?
I’m just starting MT road 
Thank you
Do you have a NAT masquerade rule for your VPN traffic?
I don;t know how to do this in this moment…
You must update your NAT rules.
For example, try this:
/ip firewall nat add chain=srcnat action=masquerade out-interface=Public
You are the one! It’s working like a charm
Many thanks.
Another question - how can I allow or block browsing web with public IP VPN?
Eg. user1 can browse with public IP, user2 can not.
What I did is instead of assigning a “pool” to a user for my VPN service was to specify a single IP address. That way when they connect via VPN they get the same “Remote IP Address” every time and I can restrict them from accessing NAT or other devices as I choose. Also, by default, I have no NAT enabled for VPN users and selectively add them as needed. In other words I have several NAT statements that have a single IP address permitted.