[SOLVED] PPTP tunnel problem

RouterOS General
1

Hi all.

I have 2 Mikrotik RB751U-2Hnd. My office RB751 has PPTP server setted up. If I connect to office RB from Windows VPN client I have access to my work network.
Now I have tryed to connect my home and work networks using this example (http://wiki.mikrotik.com/wiki/Manual:Interface/PPTP#Site-to-Site_PPTP) but it doesn’t work.
If I ping my work network from home RB751’s terminal - everithing works. But if I ping my work network from my home PC - its unreachable.

Could someone help me what I have to do next& Maybe some routing on my home PC&

Thanks in advance.

2

What I have:

WorkRB
Network 10.11.27.0
PPTP Server 10.88.88.1

[admin@MikroTik] /interface pptp-server> server print 
enabled: yes 
max-mtu: 1460 
max-mru: 1460 
mrru: disabled 
authentication: pap,chap,mschap1,mschap2 
keepalive-timeout: 30 
default-profile: default-encryption




[admin@MikroTik] > /ppp secret print detail 
Flags: X - disabled 
0 name="user1" service=pptp caller-id="" password="***" profile=default-encryption local-address=10.88.88.1 remote-address=10.88.88.31 routes="192.168.3.0/24 10.88.88.31 1" limit-bytes-in=0 limit-bytes-out=0

Routes

[admin@MikroTik] > /ip route print Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE 
0 A S 0.0.0.0/0 <my static inet IP :)> 1 
1 ADC 10.11.27.0/24 10.11.27.254 ether5 0 
2 ADC 10.88.88.31/32 10.88.88.1 <pptp-user1> 0 
3 ADC 192.168.1.0/24 192.168.1.1 ether2 0 
4 ADS 192.168.3.0/24 10.88.88.31 1 
5 ADC 192.168.250.0/24 192.168.250.1 wlan1 0

HomeRB
Network 192.168.3.0
PPTP Client 10.88.88.31
Routes

[admin@MikroTik] > /ip route print 
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADS  0.0.0.0/0                          <my dynamic inet IP :)>             0
 1 A S  10.11.27.0/24                      pptp-out1                 1
 2 ADC  10.88.88.1/32      10.88.88.31     pptp-out1                 0
 3 ADC  192.168.3.0/24     192.168.3.1     bridge1                   0
3

Is there noone has no idea what is wrong? Please, I need help.

4

The work router probably does not know to use the PPTP connection for traffic to your home LAN. Try adding that route on the work router. If that doesn’t work use trace route to get more information.

5

Here is the route to my home network on the work router.

4 ADS 192.168.3.0/24 10.88.88.31 1

Does it wrong?

6

Check the routes on your home PC and also run tracert to a work LAN address and see what path it shows.

7

What route I have to have on my home PC?

route add -p 10.11.27.0 mask 255.255.255.0 192.168.3.1

It didn’t help.

I’ve got “Request Timed Out”

8

The trace route should show you how far the request is getting before it times out.

9

From router’s terminal everithing works fine, but from PC - nothing.
I’m not shure what route I have to add.
tracert.png

10

What is the default gateway set to on the device you are pinging on 10.11.27.1 ?

11

There is no gateway on that PC. That is DNS of that network.
Work router is connected to network 10.11.27.0 and 1 PC has 2 NICs (10.11.27.* - work LAN and 192.168.1.* for the internet).
I don’t know how it was configured, but internet goes to 192.168.1.0 network. 11… network has no internet. Fromoutside I connect to 11… network through PPTP on the router.

12

Anything on the work network 10.11.27.0/24 that you try to connect to from the home LAN needs to either have a default gateway of the work router or a specific route for your home LAN addresses pointing to the work router otherwise the traffic can never return.

13

Problem has solved. I’ve added a firewall rule and a NAT rule on my work mikrotik.
Thanks for your help.

14

Sounds like the NAT rule must be working around a missing route.