Hi Guys!
I configured a mikrotik to act as OpenVPN server, and it has VPN connections with several others offices. The system architecture is shown below:
I can make the connection and i can ping the devices in main office. But i can’t ping devices in other offices.
I’ve tried to create masquerades in several configuration forms, but i can’t make the access works.
I attached images of some tried configurations.
Anyone have an idea which configuration is missing? I have to make changes in remote offices?
I don’t have much experience with mikrotik.
Thanks a lot!
I can only guess:
Notebook “do not knows” about networks of Office 1,2,3, all of packets from notebook for example to 192.168.40.0/24 are forwarded to internet.
Add to the .ovpn file needed subnets:
route 192.168.20 255.255.255.0
route 192.168.30 255.255.255.0
route 192.168.40 255.255.255.0
Hi.
This suggestion doesn’t work.. I’ve attached my .ovpn file.
Is there any configuration i can do?
Thanks a lot!
MTVPN.txt (402 Bytes)
From my experience setting up both SSTP and OpenVPN on a MikroTik I found that you need to change the Bridge ARP setting to proxy-arp to allow ping etc. to work (also required to allow RDP sessions).
Here is similar case to your situation:
https://mum.mikrotik.com/presentations/VN17/presentation_4102_1493726768.pdf
Check does ip->routes contains needed routes.
Try to add firewall rules in forward chain to allow packets between 192.168.81.0/24 and 192.168.20.0/24, 192.168.30.0/24, 192.168.40.0/24. Move those rules to the top.
Ensure packets from notebook are routed via VPN (I mean - not via internet), from notebook try following command, use real IP on destination network:
tracert -d 192.168.20.X
Thanks everybody!
I tried to insert chain forward rules as well scrnat rules. None of the options worked.
I think I will have to carry out training to really learn all the concepts involved.
Thanks people!