route all traffic through L2TP gw

RouterOS Beginner Basics
1

Hi,

can you please help me pointing to what I should fix?

I wish to route all traffic thorough out the L2TP interface. As it is now, all traffic is going through 192.168.0.1
The obvious (at least to my limited knowledge) would be to disable route #1. However, when doing this I am not able to generate any traffic, nor to have a DNS response.

Below some prints, if it helps.


Really appreciate any input :slight_smile:
Ana

===========================
[admin@MikroTik] > interface print
Flags: D - dynamic, X - disabled, R - running, S - slave

NAME TYPE ACTUAL-MTU L2MTU MAX-L2MTU

0 R ether1 ether 1500 1598 9214
1 S ether2 ether 1500 1598 9214
2 RS A2 wlan 1500 1600 2290
3 S A5 wlan 1500 1600 2290
4 R ;;; defconf
bridge bridge 1500 1598
5 R wtr_l2tp-out1 l2tp-out 1450

\

[admin@MikroTik] > ip route print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit

DST-ADDRESS PREF-SRC GATEWAY DISTANCE

0 A S 0.0.0.0/0 wtr_l2tp-out1 1
1 A S 0.0.0.0/0 192.168.0.1 1
2 A S 5.2.224.215/32 192.168.0.1 1
3 ADC 192.168.0.0/24 192.168.0.10 ether1 0
4 A S 192.168.1.0/24 wtr_l2tp-out1 1
5 ADC 192.168.10.1/32 192.168.10.249 wtr_l2tp-out1 0
6 ADC 192.168.88.0/24 192.168.88.1 bridge 0

=====================================
[admin@MikroTik] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; defconf: masquerade
chain=srcnat action=masquerade out-interface-list=WAN log=no log-prefix=""
ipsec-policy=out,none

1 chain=srcnat action=masquerade out-interface=wtr_l2tp-out1 log=no log-prefix=""

=========================================
[admin@MikroTik] > /ip firewall filter print
Flags: X - disabled, I - invalid, D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=forward action=passthrough

1 ;;; defconf: accept established,related,untracked
chain=input action=accept connection-state=established,related,untracked

2 ;;; defconf: drop invalid
chain=input action=drop connection-state=invalid

3 ;;; defconf: accept ICMP
chain=input action=accept protocol=icmp

4 ;;; defconf: accept to local loopback (for CAPsMAN)
chain=input action=accept dst-address=127.0.0.1

5 ;;; defconf: drop all not coming from LAN
chain=input action=drop in-interface-list=!LAN

6 ;;; defconf: accept in ipsec policy
chain=forward action=accept ipsec-policy=in,ipsec

7 ;;; defconf: accept out ipsec policy
chain=forward action=accept ipsec-policy=out,ipsec

8 ;;; defconf: fasttrack
chain=forward action=fasttrack-connection connection-state=established,related

9 ;;; defconf: accept established,related, untracked
chain=forward action=accept connection-state=established,related,untracked

10 ;;; defconf: drop invalid
chain=forward action=drop connection-state=invalid

11 ;;; defconf: drop all from WAN not DSTNATed
chain=forward action=drop connection-state=new connection-nat-state=!dstnat
in-interface-list=WAN log=no log-prefix=""