Hi,
I am running RouterOS v5.19 and have an issue with VPN traffic. I have clients set to route all traffic through the box (these are Windows / Apple clients). When doing so, most things work fine apart from web traffic to servers on the web, which get a response of “not here” back served as the website. I had a similar problem previously where it would return a 404 page, but I think that went away after a reboot.
Any idea what's causing this? SSL traffic is fine but traffic to other ports such as port 8080 or 81 doesn’t connect. Seems like the box is intercepting stuff for some reason - not sure what. I have web proxy disabled.
I’d look in your mangle and NAT (/ip firewall) sections.
You likely have a DST-NAT or a mark routing which is directing customers to a specific site. If you’re unsure what to look for I’d suggest you do an “/ip firewall export” and paste here.
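An added example, not part of the original thread: a small Python check that reads the text of an "/ip firewall export" and lists enabled NAT rules with action dst-nat, redirect or netmap and mangle rules with action mark-routing, which are the rule types suggested above. The function names and the sample export are constructed for illustration; the parser assumes the usual export layout (a menu line starting with "/", then "add key=value" lines, wrapped with a trailing backslash).

```python
import shlex

# Actions that change where a packet ends up, keyed by export menu.
SUSPECT = {
    "/ip firewall nat": {"dst-nat", "redirect", "netmap"},
    "/ip firewall mangle": {"mark-routing"},
}

# Constructed sample, not the poster's configuration.
SAMPLE = r"""# constructed sample export
/ip firewall mangle
add action=mark-routing chain=prerouting disabled=no new-routing-mark=via-proxy \
    src-address=10.10.0.0/24
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=ether1
add action=dst-nat chain=dstnat disabled=no dst-port=80 protocol=tcp \
    to-addresses=192.0.2.10 to-ports=80
add action=redirect chain=dstnat comment="old portal" disabled=yes dst-port=80 \
    protocol=tcp to-ports=8080
"""

def logical_lines(text):
    """Join lines that the export wrapped with a trailing backslash."""
    buf = ""
    for raw in text.splitlines():
        line = raw.strip()
        if line.endswith("\\"):
            buf += line[:-1].rstrip() + " "
            continue
        yield buf + line
        buf = ""

def find_redirects(export_text):
    """Return (menu, action, params) for each enabled rule that can divert traffic."""
    menu, hits = None, []
    for line in logical_lines(export_text):
        if not line or line.startswith("#"):
            continue
        if line.startswith("/"):          # menu line, e.g. "/ip firewall nat"
            menu = line
            continue
        if not line.startswith("add ") or menu not in SUSPECT:
            continue
        params = dict(t.split("=", 1) for t in shlex.split(line[4:]) if "=" in t)
        if params.get("disabled") == "yes":   # disabled rules cannot intercept
            continue
        if params.get("action") in SUSPECT[menu]:
            hits.append((menu, params["action"], params))
    return hits

if __name__ == "__main__":
    for menu, action, params in find_redirects(SAMPLE):
        print(menu, action, params)
```

An empty result means the static rules in the export do not explain the interception; rules added dynamically by a service do not appear in an export.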
Hi,
The Mangle section is empty. The NAT section appears to have some masquerade stuff, which makes sense. There is no dst-nat rule in there. Full firewall is this with my iprange obfuscated:
Could you open Winbox and take a look at IP/HOTSPOT under Servers? Is there an enabled service there?
Based on the firewall comments I’m seeing in your post it ‘feels’ like you had/have a hotspot active on the Mikrotik. If that’s the case it's possibly doing a captive portal for you. Could be what’s causing the issues.
Thanks. I thought it could be related to hotspot. However, having disabled hotspot, and uninstalling it I am still seeing the issues. I even tried removing the firewall rules before disabling it and the profiles but it still happens.
I’ve tried updating to newer versions too, but it still has the same problem. Here are the packages that are installed / enabled:
> /system package print
Flags: X - disabled
# NAME VERSION SCHEDULED
0 system 5.21
1 X ipv6 5.21
2 X wireless 5.21
3 routeros-powerpc 5.21
4 mpls 5.21
5 routerboard 5.21
6 dhcp 5.21
7 ppp 5.21
8 routing 5.21
9 advanced-tools 5.21
10 security 5.21
> /ip firewall export
# oct/22/2012 17:33:10 by RouterOS 5.21
# software id = 0T36-HKDX
#
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=yes ports=69
set irc disabled=yes ports=6667
set h323 disabled=yes
set sip disabled=yes ports=5060,5061 sip-direct-media=yes
set pptp disabled=no
Any other ideas? I’m intending on using this box just to terminate VPNs on.
Hi,
I have found that the destination of the traffic seems to be the web server that is on one of the DNS servers that was configured which is most peculiar..!