Route Internet from PPTP to L2TP

far2005 · October 5, 2011, 2:06pm

Hello
I’m new to the whole mikrotik thing..
a simple question

I have a mikrotikOS which is a server for auth , etc , etc for L2TP users it does have access to Internet but i dont want to use it’s internet . so i have another server which is PPTP server that i want to use it’s internet for my users…
lets simplify it.

User --(use L2TP to connect to Mik)–> Mikrotik --(mikrotik use a pptp client to connect to pptp server )–> PPTP server

i have no idea how to do it..
so please help me step by step…
THX

sadeghrafie · October 9, 2011, 10:09am

Hi,

I think you have a NAT rule in (/ IP firewall nat) that allows L2PT users to access to Internet.

It must be Masqueade. If need more help, plz tell me more about your configuration.

in terminal:

/ ip firewall nat print detail
/ ip route print detail
/ interface print detail

Copy these and send to me.

far2005 · October 9, 2011, 12:11pm

Hello and thx for your answer
here are what you wanted:

[admin@MikroTik] > /ip firewall nat print detail 
Flags: X - disabled, I - invalid, D - dynamic 
 0   chain=srcnat action=masquerade 



[admin@MikroTik] > /ip route print detail 
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 0 A S  ;;; added by setup
        dst-address=0.0.0.0/0 gateway=46.4.1xx.1 
        gateway-status=46.4.1xx.1 reachable WAN distance=1 scope=30 
        target-scope=10 

 1 ADC  dst-address=46.4.1xx.0/26 pref-src=46.4.1xx.43 gateway=WAN 
        gateway-status=WAN reachable distance=0 scope=10 

 2 ADC  dst-address=172.15.1.246/32 pref-src=172.20.1.1 gateway=<pptp-test> 
        gateway-status=<pptp-test> reachable distance=0 scope=10 




[admin@MikroTik] > /interface print detail 
Flags: D - dynamic, X - disabled, R - running, S - slave 
 0  R  name="WAN" type="ether" mtu=1500 

 1     name="L2TP" type="l2tp-in" 

 2  X  name="PPTPUS" type="pptp-out" 

 3     name="PPTP" type="pptp-in" 

 4 DR  name="<pptp-test>" type="pptp-in" mtu=1400

sadeghrafie · October 9, 2011, 9:30pm

Hi,
As I think, it caused by your NAT rule. It can be done as below.
If you use winbox, It will be so easy. Go to / IP firewall nat :
just edit your NAT rule. Put IP range that you want to access to Internet in src-address. i actually forgot to tell you give me your IP addresses. So, For example if your L2PT users use this IP range(192.168.1.0/24), put this on src-address.
This NAT rule change the source IP address to your public IP that connect you to the internet.
I think it must be fix. But if the problem resist, contact me.