VPN routing L2TP/IPsec

I need some help to understand routing to be used with one L2TP/IPsec tunnel that I have set up.

MainRouter (192.168.1.1) --L2TP network 10.0.0.0/24-RemoteClient 192.168.88.0/24
ppp secret: name=work service=l2tp

Both MainRouter and the client are MikroTik.
All connecting fine.

But when I try to reach an RDP server (192.168.88.10) at RemoteClient, I need to add a route to MainRouter, so that MainRouter clients know where to go.
I tried to use the IP that the tunnel gives, for example 10.0.0.2, and all works fine, until the tunnel goes down and up again and the IP changed to 10.0.0.3.
So I did look for an alternative way to set the route. In the MainRouter routing table I do see the VPN connected as this:
Dynamic dest-IP:10.0.0.3 (tunnel IP) Gateway:
So I then added the route for 192.168.88.0/24 to

This seems to work fine all the time, but where does the -1 come from, and is this the best way to do it? What if it changes to -2…
How should I find this out before the router has connected? It even needed to have the < > in the name.

While there is an answer to this exact question, I’ll skip it and answer to what you actually want instead.

The best way is to use the routes parameter of the /ppp secret row at the server (MainRouter) side.

The -1 (or -2, or even -3 if the network behaves really funny at that time) is there because the previous connection had not timed out yet at the server side at the moment the client has established a new one. If multiple tunnels to the same client are established, the system may use any of them to deliver packets, so if one of the tunnels is dead, some packets do not get through. One way to deal with this is to prevent a new tunnel from establishing while an old one is still active, but the effective outcome is the same - until the old tunnel times out, you cannot talk to the client. So it is better to use an on-up script in the /ppp profile to which the /ppp secret row refers, to actively remove older tunnels to the same user.
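
The two measures from the answer above, written out for MainRouter as an added example that is not part of the original thread. The secret name work, the subnet 192.168.88.0/24 and the address 10.0.0.2 come from the question; the profile name work-profile is hypothetical, and the script assumes each reconnect gets a different tunnel address, as the question describes.

```routeros
# Added example, not from the original thread. Run on MainRouter (the L2TP server).

# Fragile variant from the question, shown for contrast only: the gateway is a
# tunnel address that changes on reconnect (10.0.0.2 -> 10.0.0.3).
# /ip route add dst-address=192.168.88.0/24 gateway=10.0.0.2

# 1. Let the server install the route itself each time user "work" connects.
#    The route follows the session, whatever address or interface name it gets.
/ppp secret set [find name="work"] routes="192.168.88.0/24"

# 2. Point the secret at a dedicated profile ("work-profile" is a hypothetical
#    name; it must already exist with the address settings you use today).
/ppp secret set [find name="work"] profile="work-profile"

# 3. Script body for the on-up field of that profile. RouterOS provides $user
#    and $"remote-address" to on-up scripts. It removes every active session of
#    the same user except the one that has just come up.
#    Assumption: old and new sessions have different tunnel addresses; with a
#    fixed remote-address this comparison would not tell them apart.
:local newAddr [:tostr $"remote-address"]
:foreach s in=[/ppp active find where name=$user] do={
    :if ([:tostr [/ppp active get $s address]] != $newAddr) do={
        /ppp active remove $s
    }
}
```

Because stale sessions are removed as soon as the new one is up, the route from step 1 is attached to a single live tunnel rather than shared with a dead one.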

That did work perfectly. Thanks for the explanation.
Should have seen that field before. :blush: