Site to Site VPN causing issues with Dial-up VPN users

saintofinternet · January 21, 2018, 12:30pm

hello,

i had around 30 users using the VPN on a Mikrotik router to connect using dial-up VPN (Road Warrior Type) using L2TP/IPSec

everything was working fine…

now when i setup one Site-to-Site VPN with Mikrotik on both the side… all users from both sides work just fine… “but” the dial-up users just connect and they can no more transfer the data.

so basically the Site-to-Site VPN users cannot somehow ping the Road Warrior PC (Connected through L2TP/IPSec) and vice-versa…

does this have to do something with the NAT and Firewall Rules you have to setup when configuring the Site-to-Site VPN on Mikrotik??

saintofinternet · January 23, 2018, 6:27am

not a single reply??

anything wrong with my question?

emils · January 23, 2018, 7:16am

Please post your Firewall export, policy print and mention what is your VPN pool.

saintofinternet · January 24, 2018, 2:31am

…

emils · January 24, 2018, 9:29am

Your masquerade rule needs to be more specific or you should create additional accept rules for VPN-pool network to Site to site remote network.

If it is not helping, use Tool Torch and Tool Packet Sniffer to help you troubleshoot the issue.

saintofinternet · January 25, 2018, 2:03am

i did create more NAT rules but still it failed.

the IP pool for road warrior’s get a complete different subnet and i can’t setup a subnet in the IP pool for them either.

can you direct me or guide me on what needs to be done precisely…as i have never use the Torch option before.

saintofinternet · January 29, 2018, 3:22am

now why am i receiving this?? it seems to reach the destination but then gives that error.