Hello MikroTik Guru’s.
Need you assistance here. Having and EOIP tunnel configured and was having an address-list traffic redirected through that tunnel which was working perfectly on v6 now after upgrading to v7 its broken.
tried to go through similar topics on the forum but still with no luck, will post the configuration here hoping some of the advanced users could help in sorting it out.
/interface eoip
add allow-fast-path=no mac-address=02:D3:D2:DC:FE:67 name=Home-VPN \
remote-address=xxx.xxx.xxx.xxx tunnel-id=2
/interface vlan
add interface=ether13 name=vlan1 vlan-id=21
/interface pppoe-client
add disabled=no interface=vlan1 keepalive-timeout=60 name=Home-Internet user=\
usernameofinternt
/ip address
add address=172.17.2.1/16 interface=Home-Bridge network=172.17.0.0
add address=10.255.255.2/30 interface=Home-VPN network=10.255.255.0
/ip firewall address-list
add address=172.17.3.15 comment="A71" disabled=yes list=TO-VPN-VPN
add address=172.17.3.228 comment="PC" disabled=yes list=TO-VPN-VPN
add address=172.17.3.3 comment="Ipad" disabled=yes list=TO-VPN-VPN
add address=172.17.3.26 comment="Phone" disabled=yes list=TO-VPN-VPN
/ip firewall filter
add action=fasttrack-connection chain=forward disabled=yes hw-offload=yes \
in-interface=!Home-VPN routing-mark=!TO-VPN
/ip firewall mangle
add action=accept chain=prerouting connection-mark=no-mark connection-state=\
established,related
add action=accept chain=prerouting connection-mark=no-mark connection-state=\
established,related in-interface=Home-Internet
add action=mark-routing chain=prerouting connection-mark=handling-Home-Internet \
new-routing-mark=Home-Internet
add action=mark-routing chain=prerouting connection-mark=handling-TO-VPN \
new-routing-mark=TO-VPN
add action=mark-connection chain=prerouting connection-mark=no-mark \
connection-state=new new-connection-mark=handling-TO-VPN passthrough=yes \
src-address-list=TO-VPN-VPN
add action=accept chain=prerouting connection-state=established,related \
in-interface=Home-Internet
add action=mark-routing chain=prerouting connection-mark=handling-Home-Internet \
new-routing-mark=Home-Internet
add action=mark-routing chain=prerouting connection-mark=handling-TO-VPN \
new-routing-mark=TO-VPN
/ip firewall nat
add action=masquerade chain=srcnat disabled=yes
add action=masquerade chain=srcnat out-interface=Home-Internet
add action=masquerade chain=srcnat out-interface=Home-VPN
add action=masquerade chain=srcnat disabled=yes
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=Home-Internet pref-src="" \
routing-table=main scope=30 suppress-hw-offload=no target-scope=10
add dst-address=0.0.0.0/0 gateway=Home-VPN routing-table=TO-VPN
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=Home-Internet pref-src="" \
routing-table=Home-Internet scope=30 suppress-hw-offload=no target-scope=10
/routing bfd configuration
add disabled=no
/routing rule
add action=lookup disabled=no dst-address=172.17.0.0/16 table=main
add action=lookup disabled=no interface=Home-Internet min-prefix=0 table=main
add action=lookup-only-in-table disabled=no routing-mark=TO-VPN table=TO-VPN
add action=lookup disabled=no interface=Home-VPN min-prefix=0 src-address=\
10.255.255.0/30 table=TO-VPN
add action=lookup-only-in-table disabled=no interface=Home-VPN routing-mark=\
TO-VPN table=TO-VPN
appreciate your support and if any config is missing kindly advise
Thanks for you all