VPN Server - WAN IP Issue

RouterOS General
1

Hello,

I am trying to make my RouterBoard 750 work as a PPTP-Server.

However, I am having some issues with my public WAN IP address.

I followed this guide:

http://tutormikrotik.blogspot.dk/2012/09/vpn-server-with-mikrotik-rb750-or-rb1000.html


After doing this I am able to connect to the VPN-server via the WAN IP address IF i am using the same network as the RouterBoard is on. (Behind the RouterBoard)

I am not able to connect from OUTSIDE to the WAN IP from another internet connection and also tried from work and even from my ipad and iphone - connection is not working to the VPN-Server of the RouterBoard.

My question is - according to the guide I followed - MUST I set a static-ip address for the WAN interface of the RouterBoard to be able to accept incoming VPN connections through the WAN ?

My provider will only allow me to obtain my IP-address through DHCP - but i am getting the same fixed IP-address everytime…

Any friendly souls out there who have ideas of suggestions?

Thank you !

Martin B.

2

You don’t have to specify a static IP to utilize VPN or remote connectivity. As long as your IP is a public IP, you should be fine. I have routers out there with DHCP IP addresses that I remote in to all the time - the IPs aren’t always the same.

Make sure you have allowed the necessary VPN traffic through your input chain in IP/Firewall.

3

Hello!

This was exactly what I was missing to set-up - thank you very much I will have a look at IP/Firewall chain and I am sure this will sort it out for me :slight_smile:

Thank you !

Martin B.


4

Hello again,

I have now added the following to IP - Firewall:

Allow TCP 1723
Allow GRE Protocol ID 47

Still no connection from the WAN to the PPTP-Server of the RouterBoard

Do I have to add same ports to NAT as well ?

Any help is very much appreciated - thank you forum! :slight_smile:

Martin B.

5

Is it possible your ISP is blocking PPTP? If you’re able to initiate connectivity inside, that tells me it’s set up correctly. If you have the firewall rules opened up to allow connectivity from the outside then the next step would be to see if it’s being blocked further upstream.