Router and Tunnel Questions

Hello,

Currently I’m trying to re-establish a tunnel from Texas to Pennsylvania. The end user in Texas lost their ISP connection, ISP turned service back on. So I’m assuming that the public IP would have probably changed. I disabled the tunnel and IPs associated with Texas on our end, and I was trying to get the tunnel rebuilt on that end before changing the settings in Pennsylvania. No changes were made in Texas, but connection was lost.

Are there any ideas as to why a CRS109-8G-1S-2HnD-IN would not have an internet connection? Currently waiting for the end user to return home to try some troubleshooting like plugging directly into the modem.

Nice, a new feature: interstate guessing game…

So more than likely the IP changed so tell the other end to get a business account and the IP will be static.
Starting basic, can you ping the public IP at both ends?
If yes, look at the MAC address in the ARP to see if the device mfg changed, and if so the IP changed with your peer.

Indeed. And it doesn't help that I'm not a networking expert, and the person at the other end is not the most tech savvy either.

That’s kinda what I thought too on the public IP changing. Unfortunately I get no response on pinging it. And I haven’t had any chance to try and ping from that end back to me.

OK, first supposition (and what was already written by @dixons117) and useless hint, for quickly solving the problem


Reverse-guessing: What IP?


And this? Nice, the user for sure has stored (or remembers) somewhere the “old” MAC address.


Who is the first that asks to see the configuration to “guess-less”?

If this helps, I had them direct connect into the modem, that way I can find the public IP. Before re-establishing the tunnel, the issue now at hand is that the router/switch is now not getting internet connection at all when the modem is plugged into it. Which is confusing to me because right before I made the post, we were able to access the web interface of the switch via the default IP of 192.168.88.1.

No changes were made as I was just information gathering at that point, then midway through connection was lost.

ISP has verified that their end is good as a technician was out there.

Oh rextended, is this an MT configuration thread?
I thought the OP was using his device to actually dig a tunnel between the two states as in rooting not routing… :wink:


To the OP, provide crap get crap…
Start with the /export config!
Just hide any public IP numbers with fake ones or xxxx etc…

A network diagram can also be helpful.

Sorry, I’m not a networking expert and I don’t want to try and sound like an asshole. I was basically tossed into this because the previous IT admin killed themselves. They left no documentation, I’ve been trying to find ANY documentation, I’ve been trying to find passwords for every little thing. I literally have had to trial by fire everything because I’m unfortunately the only other employee besides the owner and the manager in Texas. So I apologize for providing crap.

When you say to export the config, I’m assuming that it would need to be my side since the Texas side was reset?

I wish I had a network diagram when this all got dumped on me. I’ll have to see if I can take time to make one in lucidchart or something because this network is a nightmare for someone like me.

Okay my apologies, sounds like you are indeed in a pickle.
What MT devices do you have at both ends again?

As stated a network diagram would really help and yes you need access to both devices to manage them.
It may be time for professional help to get you up and running that is local to you…

https://mikrotik.com/consultants

Let both ends surf to: https://www.whatismyip.com/

So you know both public IPs. (This is one “manual” way of doing it.)

On a MikroTik device in that network that has access to the Internet: start “IP Cloud” and set DDNS enabled.

Now you have a static DNS entry always pointing to the public IP address of that side/site. The IP Cloud tab is even showing your public IP address.
If in doubt, “Force Update” the information.
DNS name “serial.sn.mynetname.net” to be used (copy/paste ?) on the other side to setup VPN.
After the DDNS update the DNS A record (IP address) is available for resolving to the whole internet.

Any of the 2 sides that can get some port forwarded to the MT device, will host the ROS VPN servers.
On the other side, an MT will connect as VPN client. (It may sit behind multiple NAT and doesn’t need port forwarding. Just any Internet connection will do.)
Dropping a mAP Lite in some foreign LAN , and it will connect to your server.
There are many VPN interfaces Server/Client in ROS that can be used for this, pick what is possible for you. (eg. depending on port forwarding possibilities)

There is normally no need for a static IP address. (This may cost a lot with some ISPs, like forcing you to take a business account.)
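The IP Cloud approach described above, written out as RouterOS commands for the GRE tunnel in this thread. This is an added example, not part of any post; the interface name `gre-texas`, the `<serial>` placeholder in the DNS name and the 5-minute interval are assumptions.

```routeros
# --- Texas router: the side whose public IP changes ---
# Publish the current public IP under the router's mynetname.net name.
/ip cloud set ddns-enabled=yes
/ip cloud force-update
# Shows the DNS name and the public address that was registered.
/ip cloud print

# --- Pennsylvania router: follow the Texas address ---
# "gre-texas" is a hypothetical name for the existing GRE interface;
# replace <serial> with the DNS name shown by "/ip cloud print" in Texas.
/system script add name=update-gre-peer source={
    :local peerName "<serial>.sn.mynetname.net"
    :local tunnel "gre-texas"
    # If the name does not resolve, the script stops here and the
    # tunnel keeps its current remote-address.
    :local resolved [:resolve $peerName]
    :local current [/interface gre get [find name=$tunnel] remote-address]
    :if ($resolved != $current) do={
        /interface gre set [find name=$tunnel] remote-address=$resolved
        # Log every peer change so an unexpected one is visible later.
        :log warning ("GRE peer for " . $tunnel . " changed from " . $current . " to " . $resolved)
    }
}
# Re-check the peer address every 5 minutes.
/system scheduler add name=update-gre-peer interval=5m on-event="/system script run update-gre-peer"
```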

Hello, this problem happens to me, sorry for the translation.
I have a tunnel with WireGuard between home and company. I have a MikroTik with 2 WANs on the home side. The problem is this: when the 2 WANs are on and WireGuard connects with WAN2 (Sky-WiFi), the tunnel tunged, from home I can ping all of the company, but when I open RDP it opens up and remains black, and after a while it gives me an error.
If I open the web page of the equipment, the link opens and remains there with a white page. If, on the other hand, the Wan2 disabled, and I only go out with the Wan1, RDP and the equipment web page works perfectly.
In my opinion I don’t think it’s a problem of rules, but I have been working on it without results for days.
If someone has the same problem and could help me.

tigro, start your own thread please, your issues are different; don’t be so rude.

ok sorry

Thank you all so far for all your help.

The update on the situation is this.

I’ve built the GRE Tunnel, added the address of the tunnel, and set up the routing based off the instructions from the wiki.

General topology is: https://lucid.app/lucidchart/e8959fd5-77ec-4730-86e2-79ee6ba49b95/edit?viewport_loc=1553%2C1495%2C2342%2C1294%2C0_0&invitationId=inv_211521b5-646e-465c-885c-fc24d70912fb#

What is happening now, is that the PC in Texas can ping machines on the network in Pennsylvania. But Pennsylvania cannot ping anything but the router in Texas. As of now that’s not a concern as there is only a PC and the VoIP there (unless it’s an issue with VoIP)

The challenge now is getting the VoIP in Texas back up.

The VoIP system in Pennsylvania is on a completely different subnet (the example of 2.2.4.5) from the Pennsylvania main network (example of 2.2.4.4). Does this mean I need to build another tunnel specifically for the VoIP subnets?

Thanks.