Hi all! I had problems on my network with constant hacks and attacks on my wireless network.
When someone connected to the network, he got an IP with a default gateway and DNS, and the client was ready to surf.
That was a problem because someone simply scanned the wireless clients' MACs, changed his MAC, and got free
internet access.
A friend told me that I should switch to VPN and give access to the internet only through a VPN connection.
So I did it. Internet access works but there is a small problem…
A client connects via VPN and gets internet access, but not as it was before.
The most important is a game called WoW. Inside the game, ping is around 50ms - 120ms (AFAIK it's normal)
but after xyz time it lags for half a second, sometimes for a whole second (1000ms) and sometimes for 2.5s (rare)!
It seems like it stops receiving packets.
Tried to replace the ADSL router and the splitter thingy for ADSL, tried to replace the switch, and tried to directly
connect my PC via crossover cable to MT. The problem wasn't solved.
Alone on VPN and still get the “lag”.
Searched the forum and tried to change the MTU for VPN but the problem is still the same.
Here is how it looks:
ADSL router (PPPoE) <—> [ether2] MT [ether1] ----- switch — wlan & local PC’s.
/ interface pppoe-client
add name="pppoe-out1" max-mtu=1480 max-mru=1480 interface=ether2 \
user="xxxxxx@xxxxx" password="*********" profile=default \
service-name="" ac-name="" add-default-route=yes dial-on-demand=no \
use-peer-dns=no allow=pap,chap disabled=no
After that /ping google.com works so clearly no problem here.
/ interface pptp-server server
set enabled=yes max-mtu=1460 max-mru=1460 \
authentication=pap,chap,mschap1,mschap2 keepalive-timeout=30 \
default-profile=wlan
/ ppp profile
add name="wlan" local-address=10.0.0.1 remote-address=vpn \
use-compression=default use-vj-compression=default use-encryption=yes \
only-one=yes change-tcp-mss=yes rate-limit="" comment=""
/ ip pool
add name="vpn" ranges=10.0.0.2-10.0.0.250
/ ip firewall nat
add chain=srcnat src-address=10.0.0.0/24 action=masquerade comment="" \
disabled=no
Tried this config, and when I test for speed I get 8mbit/0.5mbit (which is OK), and then I play WoW and
the problem is the same. What did I do wrong?
Ethernet:
/ interface ethernet
set ether1 name="ether1" mtu=1500 mac-address=xx:xx:xx:xx:xx:xx arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
set ether2 name="ether2" mtu=1500 mac-address=xx:xx:xx:xx:xx:xx arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
Somewhere I found (I think on the Wiki) that the VPN interface must be on the arp-proxy setting (in this case ether1)
but I can't log in to the game when I set it.
WLAN and LAN (ether1) have 192.168.2.x/24 , default gateway 192.168.2.1, ether1 ip:192.168.2.1.
There is no point writing down the whole network setup since the problem is (at least it looks that way) on RouterOS.
PS. Tried use-peer-dns=yes (on PPPoE) and nothing changed.
Speed limiting is normally done with queues and it works, but I noticed that speed limiting can be done via the
VPN connection. Which is better to use? (I guess queues)
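
Added example, not part of the original post: a Python check that parses the MTU-related lines of an export like the one above and tests whether each layer fits inside the link that carries it. The sample export is constructed from the post's config; the function names and the overhead constants (40 bytes assumed for PPTP, 8 for PPPoE) are assumptions of this example.

```python
import re

# Constructed sample: only the MTU-relevant lines of the export quoted in the post.
EXPORT = r'''/ interface pppoe-client
add name="pppoe-out1" max-mtu=1480 max-mru=1480 interface=ether2 \
    add-default-route=yes
/ interface pptp-server server
set enabled=yes max-mtu=1460 max-mru=1460 \
    default-profile=wlan
/ ppp profile
add name="wlan" local-address=10.0.0.1 change-tcp-mss=yes
/ interface ethernet
set ether1 name="ether1" mtu=1500
set ether2 name="ether2" mtu=1500
'''

PPTP_OVERHEAD = 40   # assumption: outer IPv4 20 + enhanced GRE 16 + PPP/MPPE 4
PPPOE_OVERHEAD = 8   # PPPoE header 6 + PPP protocol field 2
TCPIP_HEADERS = 40   # IPv4 20 + TCP 20, no options

def parse_export(text):
    """Return [(section, {key: value})] with '\\' line continuations joined."""
    joined = re.sub(r'\\\s*\n\s*', ' ', text)
    section, items = None, []
    for line in joined.splitlines():
        line = line.strip()
        if line.startswith('/'):
            section = ' '.join(line.lstrip('/').split())
        elif line:
            props = dict(re.findall(r'([\w-]+)=("[^"]*"|\S+)', line))
            items.append((section, {k: v.strip('"') for k, v in props.items()}))
    return items

def mtu_report(text):
    """Check that PPPoE and PPTP payloads fit the links that carry them."""
    items = parse_export(text)
    first = lambda sec: next(p for s, p in items if s == sec)
    eth = {p['name']: int(p['mtu']) for s, p in items if s == 'interface ethernet'}
    wan_if = first('interface pppoe-client')['interface']
    pppoe = int(first('interface pppoe-client')['max-mtu'])
    pptp = int(first('interface pptp-server server')['max-mtu'])
    lan = min(m for n, m in eth.items() if n != wan_if)  # link carrying the tunnel
    return {
        'pppoe_fits_wan_link': pppoe + PPPOE_OVERHEAD <= eth[wan_if],
        'pptp_fits_lan_link': pptp + PPTP_OVERHEAD <= lan,
        'tunnel_fits_wan': pptp <= pppoe,
        'max_tcp_mss': min(pptp, pppoe) - TCPIP_HEADERS,  # ceiling for change-tcp-mss
    }
```

Under these assumptions, `mtu_report(EXPORT)` reports that every layer of the posted config fits, with a TCP MSS ceiling of 1420 bytes through the tunnel.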