hi all,
i just setup my mikrotik and everything works just fine.
internet up, dhcp up, vpn works fine all good.
BUT
when i connect via vpn - i am able to ping the mikrotik and i get a reply…
when i try to connect or ping any outher device in the network (fileserver) i dont get any reply.
my firewall settings are realy basic (https://www.ksite.de/mikrotik-initial-setup-konfiguration/)
i also tryed with a complete empty fire wall.
may some of you MK gods help me?
best
frank
Does the VPN endpoint receive an IP address from the LAN range, or is there a dedicated VPN endpoint pool? If from the LAN, then you’ll need to set arp=proxy-arp on your LAN interface.
I’m assuming your VPN type (you didn’t specify) is one which creates a virtual interface for each connected VPN endpoint. Make sure the forward table does not block all interfaces except LAN interface. If so, then you may need to re-work its design to block WAN and allow all others, or else if the VPN virtual interface is always the same, you could allow that interface in the forward table.
Basically, the ability to ping to but not through the Mikrotik boils down to either routing or firewall, so these two basic hints should cover most of the usual issues.