Hi, I got the following problem :

I got a VPN (pptp) conection to office A . The pptp server asigns me 192.168.250.40 ip address. At the mean time I need to route 192.168.0.0/16 via this VPN. But there is no gw to put cos actualy these are reachable . Please help me … I am not good at routing at all !

I need to add that this was a setup on a windows XP machine .
There was a VPN connection to office A + a batch file contaning the following line :

route add 192.168.0.0 netmask 255.255.0.0 gw 192.168.250.40

this lets the windows machine to have access to all host on 192.168.0.0 network.

Please guys tell me how to achieve that with MT .

Using Winbox:-

• 1. Click PPP.

2. Click +
3. Select PPTP Client
4. Enter appropriate information for remote PPTP server. Leave “Add Default Route” unchecked, otherwise everything will be routed over this connection.

The local IP address is provided by the remote server and a route should be automatically created locally. However, if you want access to anything on the remote LAN, if the PPTP server is not already the default route you will need to add routes as appropriate.

The MT documentation at http://www.mikrotik.com/testdocs/ros/2.9/interface/pptp.php has some good examples.



Regards


Chris Macneill

Thank you for your fast response , but my question is still open !
I did not ask how to make a pptp connection, this is a peace of cake!
It is all about routing. You were kind enough to explain how to make the pptp but not eplain how to make the routing ? You say check the manual … well I think that the manual also explains how to make pptp …
well , so it comes that for the things we know how to - we write … and for the things we dont know we just say " you should look at the manual "

Thanks any way !

Let me give some more details :

The remote pptp server is giving the following IP :

192.168.250.40 network 192.168.0.7

And the question is how to make a route that tells my box that all addresses from network 192.168.0.0/16 are available via the pptp interface ?

The remote pptp server is giving the following IP :

192.168.250.40 network 192.168.0.7

add the network to your routelist as gateway
dst-add 0.0.0.0 gateway 192.168.0.7

Thank you guaidetian !

I tried what you advice with no luck

[plam40@TheWall] ip route> pr
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf

DST-ADDRESS PREF-SRC G GATEWAY DIS INTERFACE

26 S 0.0.0.0/0 u 192.168.0.7

give me all of you route list
maybe you need to mark routing
/ip fir mangle
add chain=prerouting in-interface=lan src-address=“your local ip address” action=mark-routing new-routing-mark=vpn passthrough=yes comment=“” disabled=no

/ip route
add dst-address=0.0.0.0/0 gateway=“the gateway of your out interface,but not your vpn network” scope=255 target-scope=10 comment=“” disabled=no
add dst-address=0.0.0.0/0 gateway=“vpnnetwork” routing-mark=vpn scope=255 target-scope=10 comment=“” disabled=no

Well i do apriciate your help but the question is clearly a matter of the routing .

The result that must be achieved is : Adding a working route for the network 192.168.0.0/16 without having a GW on that network

in windows you simply tell the machine which Interface to youse to reache the desire address … but here in the world of MT is not working

If I try to put a route with no GW , it would give me an error message !
If I try to put a route with GW the pptp interface it just wont work !

Well is there anybody that really knows how the things work ?

I am asking again please help me … or should I write to support ?
Recenly I’ve purchased level 6 for my main box , may be this makes sense ?

If you actually read the information at the link I gave you, you will find the information IS there. There are worked examples on how to setup a PPTP connection INCLUDING information on what routes to setup.

Here is the line that should work for your setup.

/ip route add dst-address 192.168.0.0/16 gateway 192.168.250.40

You don’t say what equipment is at the server end, but it is likely you’ll need to add a route there to route packets back to the local network.

Also the client end network must NOT be anything 192.168.x.x otherwise it won’t work. Local network needs to be 10.x.x.x or 172.16.x.x. Alternatively you need to alter the netmask at the server end to free up some 192.168.x.x address space.

I’m currently trying to get my PPTP connection working, so some of this information is subject to verification.

If it still doesn’t work for you, you’ll need to give more details, e.g. local address ranges, what is the server end, an MT router or some other PPTP server?



Regards

Chris Macneill

Thank you Chris, my local pptp is working as a charm , got no problems with it !

The only thing not working is a pptp for a client’s office which connects to another country … which makes not possible any changes on the remote site

and about the example route you give me … yes it was the first thing i tried but it daoes not work … even if it is strange to you

we need an expert here

I’ve been working on IP networks for over 17 years, so I’m not exactly a novice and although modesty prohibits me from calling myself an expert, others have mentioned the title guru from time to time.

With MikroTik you learn something new everyday.

I’ve got my PPTP connection working, basically MT seems to work the opposite way round to what you might expect.

The gateway address is the IP address of the server, not the client end.

So in your case the following should work:-

/ip route add dst-address 192.168.0.0/16 gateway 192.168.0.7

However, this assumes the client end network is NOT 192.168.x.x and that a route has been entered into the server with a gateway of 192.168.250.40 to route back to the client network.

Thank you cmacnelly

/ip route add dst-address 192.168.0.0/16 gateway 192.168.0.7

This is very right …

Its just some times i am loosing concentration i have 4 routers and i made mistake by puting te route rull to another one !!!

Thanks again , sorry for not trusting you !!!