Hello,
I have 5 Mikrotik routers with the same settings, all of them connected to a Mikrotik L2TP server
so all devices are the same except the L2TP address they get
172.16.6.1-172.16.6.5 / 16
the ethernet is 10.129.250.250/24
in the firewall I have this rule
the L2TP server can reach network 10.129.10.0/24
I can reach a server on 10.129.10.5 from the remote device and am able to send it data (the data is simple syslog data from the router, not from a connected device), so all the network rules\routing are working.
my question is
why am I seeing on server 10.129.10.5 that the data is coming from 10.129.250.250? what\where do I need to change in order to see the L2TP address of the device?
in the L2TP server? in the remote router?
You have an unconditional masquerade rule, so it affects all connections, no exception. Usually you want masquerade only for access to the internet, using e.g. out-interface=.
Didn’t I already? Masquerade changes the source address to whatever address the router has on the outgoing interface. It’s what allows you to have private (non-public) addresses in the LAN and be able to connect to the internet from them. This is one case where you definitely want it. But you shouldn’t need it for anything else. So the rule you posted, add out-interface= to it, and it’s most likely what you need.