Hello,
I just bought MikroTik Chateau 5G. Internet provider is Tmobile through a SIM card inserted into the router. No other device is used. Internet works just fine, but I cannot configure VPN to get it to work. I updated to the newest software version - 7.12.1. The router uses default private ip which is 192.168.88.1 and the vpn 192.168.89.1. I have VPN Access enabled in the quick setup and from what I see vpn server setups automatically with all required ports enabled to allow l2tp/ike connection (udp, 500, 1701, 4500). In IP>Firewall>Nat there is configured chain srcnat action=masqueradeI. cannot connect to the VPN no matter which protocol I use LT2P or IKEv2. When I try to connect using VPN address as it is shown in the quick setup and I get an error that says that the server L2TP does not response. I saw somewhere in the Cloud tab a messenge “Router is behind a NAT. Remote connection might not work.” and I guess that might be the case. I’ve got a public IP but it is different from VPN server adress seen in mikrotik web panel. Tried to connect through macos, windows and ios - same problem. Can someone try to help me solve this?
Hello republicx!!!
Did you configured the VPN server in the Mikrotik and client on remote machines which should connect through Internet?
If I did understand, you have a private IP in the Mikrotik, but you need to use a public IP in remote devices to reach the Mikrotik. So the public IP should be in anything else (something of your ISP). In this case, when you started the connection from outside, who answers the connection is not the Mikrotik, so you need to tell to this device with the public IP, to send these connections to your router private address (also known as port forwarder)
Otherwise you should need a public IP in the Mikrotik.
This is what I think, although I never used an Internet SIM Card.
Now you have a public IP in the mikrotik? See /ip address
Which is the VPN IP address that you see in the Mikrotik web pannel? Is this some address in your Mikrotik?
Regards,
Damián
Hey rbuserdl
It’s solved now! The problem was different IP of VPN address from public IP, so it couln’t communicate. I contancted internet provider - TMobile and they gave me username and a password to APN to make ip static (previosly it was dynamic). Then I went to WebFig>Interfaces>LTE>LTE APN’s and I added a new. Value of APN is now data, “Use Network APN” disabled and in authentication I picked CHAP and entered username and pass which TMobile gave me. In the moment I did this public ip address changed and VPN address is the same as public so the problem disappeared and I managed to make L2TP / IKEv2 VPN connections.