Hi,
I have a MT with 3 nic:
2 wan
1 lan
Two wan have public ip addresses and are load balancing adsl like:
Now I want to make a pptp server using wan1.
I do pptp server and can connect from lan to wan1 but no response from external to wan1.
Any ideas? Where is my mistake?
Here the configuration:
/interface ethernet print
NAME MTU MAC-ADDRESS ARP
1 R lan 1500 00:0D:88:CD:08:91 proxy-arp
2 R wan2 1500 00:0D:88:CD:08:92 enabled
3 R wan1 1500 00:0D:88:CD:08:93 enabled
/interface print
NAME TYPE RX-RATE TX-RATE MTU
1 R lan ether 0 0 1500
2 R wan2 ether 0 0 1500
3 R wan1 ether 0 0 1500
6 pptp-in1 pptp-in 0 0
/ip firewall mangle print
0 chain=prerouting action=mark-connection new-connection-mark=odd
passthrough=yes in-interface=lan src-address-list=odd
1 chain=prerouting action=mark-routing new-routing-mark=odd passthrough=no
in-interface=lan src-address-list=odd
2 chain=prerouting action=mark-connection new-connection-mark=even
passthrough=yes in-interface=lan src-address-list=even
3 chain=prerouting action=mark-routing new-routing-mark=even passthrough=no
in-interface=lan src-address-list=even
4 chain=prerouting action=mark-connection new-connection-mark=odd
passthrough=yes connection-state=new in-interface=lan nth=1,1,0
5 chain=prerouting action=add-src-to-address-list in-interface=lan
connection-mark=odd address-list=odd address-list-timeout=1d
6 chain=prerouting action=mark-routing new-routing-mark=odd passthrough=no
in-interface=lan connection-mark=odd
7 chain=prerouting action=mark-connection new-connection-mark=even
passthrough=yes connection-state=new in-interface=lan nth=1,1,1
8 chain=prerouting action=add-src-to-address-list in-interface=lan
connection-mark=even address-list=even address-list-timeout=1d
9 chain=prerouting action=mark-routing new-routing-mark=even passthrough=no
in-interface=lan connection-mark=even
/ip firewall nat print
1 chain=srcnat action=src-nat to-addresses=192.168.72.215 to-ports=0-65535
connection-mark=odd
2 chain=srcnat action=src-nat to-addresses=192.168.101.106 to-ports=0-65535
connection-mark=even
/ip firewall service-port print
NAME PORTS
0 ftp 21
1 tftp 69
2 irc 6667
5 gre
6 I pptp 1723
/ip route print
DST-ADDRESS PREF-SRC G GATEWAY DISTANCE INTERFACE
0 A S 0.0.0.0/0 r 192.168.72.193 1 wan1
1 A S 0.0.0.0/0 r 192.168.101.105 1 wan2
2 ADC 10.10.0.0/20 10.10.0.2 0 lan
3 ADC 192.168.101.104/29 192.168.101.106 0 wan2
4 ADC 192.168.72.192/27 192.168.72.215 0 wan1
/ip pool print
NAME RANGES
1 pptp-pool 10.10.7.100-10.10.7.200
/ppp profile print
1 * name="default-encryption" local-address=10.10.7.1 remote-address=pptp-pool
use-compression=default use-vj-compression=default use-encryption=yes
only-one=default change-tcp-mss=yes
/ ppp profile
set default name="default" use-compression=default use-vj-compression=default
use-encryption=default only-one=default change-tcp-mss=yes comment=""
set default-encryption name="default-encryption" local-address=10.10.7.1
remote-address=pptp-pool use-compression=default
use-vj-compression=default use-encryption=yes only-one=default
change-tcp-mss=yes comment=""
/ ppp secret
add name="test" service=pptp caller-id="" password="test"
profile=default-encryption routes="" limit-bytes-in=0 limit-bytes-out=0
comment="" disabled=no
/ ppp aaa
set use-radius=no accounting=yes interim-update=0s