I would have said that I was at least adept with TCP/IP but this has confused me.
I had just installed a 433 w/ v3.20 at a branch office just inside the DSL modem and running 2 subnets on the inside. While troubleshooting an email client, I find that a traceroute to the remote server from the PC running the client returns an unusual output. The first and second hops are listed as the remote server itself and no reply on subsequent hops. The remote server is actually 5 hops away.
Running a traceroute from the Mikrotik router and the DSL modem both return the correct sequence of hops. Running a traceroute from the PC to any other host, even in the same remote domain, works fine. The traceroute works when the PC is instead connected directly to the DSL modem, avoiding the Mikrotik. All other apps to other sites on that PC work fine.
I can’t see that there is anything unusual on the Mikrotik in the routing table, ARP, DNS, there are no firewall settings, NAT is performed on the DSL modem.
I have to go back to look at that situation again in a few days. Can anyone give me a clue as to what I should be looking at? Thanks
Its most likely one route is missing,
you said that NAT is performed on DSL modem, so I will assume that everithing is routed on your network,
my bet: DSL modem don’t know how to reach your internal subnets,
Thanks edward08. The DSL modem is configured to find the two internal subnets on the other side of the Mikrotik router. And that works for everything, except for PCs accessing this one remote server. Everything leaves the branch heading out the default route. And all PCs in the branch can access everything else on the outside successfully, just not this one remote server.
I had just never seen a traceroute response like this. The first and second hops to the remote server’s IP address returns output giving the IP and DNS name of the remote server and all subsequent hops time out. The server is 5 hops away. All PCs and all other remote hosts tested return expected traceroute output.
if you have access to the mailserver, can you post a trace to that office?
and the trace from the office to the mailserver too
but… first and second hop destination ip¿?
I won’t be able to get output until Monday but I’ll post it then.
I’m back later than I expected. I still can’t post output, but I have determined that the DSL modem does not reply to ICMP on its outside interface. I suspect that is the issue.
So I presently don’t think this is a Mikrotik issue. I will post output and the solution when I get it, which will probably be a few weeks. Thanks.
Just tying up loose ends here. Allowing ICMP at the DSL modem did not solve the issue. I’m back to thinking it is an issue with the Mikrotik router itself but will not dig into it again until this fall. This thread is closed.