Hello, I have moved from ac3 to RB5009UPr+S+, but now the VPN configuration does not work as intended.
I cannot access my server on the network anymore.
What I did to configure it is as follows:
/ip ipsec profile
set [ find default=yes ] enc-algorithm=aes-256,aes-192,aes-128 lifebytes=1
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha256,sha1 pfs-group=modp2048
/ip pool
add name=vpn ranges=192.168.89.2-192.168.89.255
/ppp profile
add name=l2tp-profile local-address=192.168.89.1 remote-address=vpn
/interface l2tp-server server
set enabled=yes use-ipsec=yes ipsec-secret=password1 default-profile=l2tp-profile
/ip firewall filter
add action=accept chain=input comment="allow ESP" protocol=ipsec-esp
add action=accept chain=input comment="allow IPsec NAT" dst-port=4500 protocol=udp
add action=accept chain=input comment="allow IKE" dst-port=500 protocol=udp
add action=accept chain=input comment="allow l2tp" dst-port=1701 protocol=udp
add chain=input src-address=192.168.89.0/24 action=accept comment="Allow VPN clients to access the router"
add chain=forward src-address=192.168.88.0/24 dst-address=192.168.89.0/24 action=accept comment="Allow LAN to VPN"
/ip firewall nat
add action=masquerade chain=srcnat comment="masq. vpn traffic" src-address=192.168.89.0/24
/ppp secret
add name=vpn password=password2 profile=default-encryption remote-address=192.168.89.254
Moved firewall rules up as well. Everything else is default configuration.
The VPN itself works: I see that I’m connecting through my router to the internet, but I cannot access anything on the LAN.
What am I doing wrong?
Full config:
config.txt (8.36 KB)