Guys, I'd appreciate it if you can help.
I've followed the guide highlighted in http://wiki.mikrotik.com/wiki/MikroTik_RouterOS_and_Windows_XP_IPSec/L2TP
I'm facing 2 issues:
- I get connected but I can't access my resources. In which part of the firewall rule set must I add the VPN subnet?
- I can't surf using the connection I'm connected to. What other configuration am I missing?
I'd appreciate it if you guys can help.
My firewall rule set is as below:
/ip firewall filter
add action=drop chain=input comment="Disallow weird packets / Drop Invalid connections" connection-state=invalid disabled=\
no
add action=accept chain=input comment="HE.net 6to4 tunnel - ICMP allowed - 66.220.2.74" disabled=no in-interface=ether1 \
protocol=icmp src-address-list="HE Tunnel Broker"
add action=drop chain=input comment="Drop ICMP (WAN) Allow ICMP (LAN)" disabled=no in-interface=ether1 protocol=icmp
add action=accept chain=input comment="VPN UDP 500" disabled=no dst-port=500 protocol=udp
add action=accept chain=input comment="VPN UDP 1701" disabled=no dst-port=1701 protocol=udp
add action=accept chain=input comment="VPN UDP 4500 " disabled=no dst-port=4500 protocol=udp
add action=accept chain=input disabled=no protocol=ipsec-esp
add action=accept chain=input comment="Allow LAN access to the router itself" connection-state=new disabled=no \
in-interface=ether5
add action=accept chain=input comment=" ^^ that originated from LAN" connection-state=established disabled=no
add action=accept chain=input comment=" ^^ that originated from LAN" connection-state=related disabled=no
add action=drop chain=input comment="Disallow anything from anywhere on any interface" disabled=no
add action=drop chain=forward comment="Disallow weird packets" connection-state=invalid disabled=no
add action=accept chain=forward comment="Allow LAN access to move through the router" connection-state=new disabled=no \
in-interface=ether5
add action=accept chain=forward comment=" ^^ that originated from LAN" connection-state=established disabled=no
add action=accept chain=forward comment=" ^^ that originated from LAN" connection-state=related disabled=no
add action=accept chain=forward comment="Filter exception for port mapped server" disabled=yes dst-port=22 protocol=tcp
add action=drop chain=forward comment="Disallow anything from anywhere on any interface" disabled=no
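Reading the rule set above, the forward chain only accepts new connections that arrive on ether5, so a connection that originates from an L2TP client (arriving on an l2tp-in interface) falls through to the final drop, and the input chain likewise drops DNS queries from VPN clients to the router; surfing through the tunnel additionally needs source NAT for the VPN pool. The rules below are an added example, not part of the original post or the wiki guide, and assume the L2TP clients get addresses from 10.10.10.0/24 with the router's VPN-side address 10.10.10.1 (constructed values), the WAN uplink is ether1 and the LAN is ether5:

```routeros
# Added example (not from the original post). Assumptions: L2TP clients use the
# constructed pool 10.10.10.0/24, the profile's local-address is 10.10.10.1,
# WAN is ether1 and LAN is ether5 as in the rule set above.
# RouterOS appends "add" rules at the end of a chain, so after adding these,
# move them above the final "Disallow anything ..." drop rule of each chain
# (/ip firewall filter move, or place-before=<number of that drop rule>).
# If your RouterOS version lacks the all-ppp pseudo-interface, match on
# src-address=10.10.10.0/24 instead of in-interface=all-ppp.

/ip firewall filter
# Let VPN clients query the router's own DNS cache; the current input chain
# only accepts new connections arriving on ether5.
add action=accept chain=input comment="VPN clients -> router DNS" \
    in-interface=all-ppp protocol=udp dst-port=53

# Let connections that originate from a VPN client reach the LAN and the
# internet; without this they hit the final forward drop.
add action=accept chain=forward comment="Allow VPN clients through the router" \
    connection-state=new in-interface=all-ppp

# Least-privilege variant: if VPN clients should only reach the LAN and not
# surf via the tunnel, use this instead of the rule above.
# add action=accept chain=forward comment="VPN -> LAN only" \
#     connection-state=new in-interface=all-ppp out-interface=ether5

/ip firewall nat
# Surfing through the tunnel needs source NAT for the VPN pool; an existing
# masquerade rule limited to the LAN subnet does not cover these clients.
add action=masquerade chain=srcnat comment="NAT for VPN clients" \
    out-interface=ether1 src-address=10.10.10.0/24

/ppp profile
# Hand the router's VPN-side address to L2TP clients as their DNS server so
# name resolution works over the tunnel (profile name assumed to be "default").
set default dns-server=10.10.10.1
```

Check the result with `/ip firewall filter print stats` while a client is connected: the counters on the new accept rules should increase, and the final drop rules should stop counting the VPN traffic.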