VPN Setup Issues - LAN OK, WAN Fail

Upgraded to the latest RouterOS 6.0 today so using the latest OS for my routerBoard RB2011UAS-2HND-IN. I have followed this walkthrough http://wiki.mikrotik.com/wiki/Manual:Interface/PPTP#PPTP_Server to the T and from inside the LAN, can connect to the VPN via a Windows XP box without any issues. However, when trying to connect outside of the LAN (ie - the whole point) I get absolutely nothing. I receive an error that the VPN server did not respond on my iPhone/MacAir and an Error 800 on a Win7 Pro machine. I’m clearly missing something and it’s probably simple, but after 8hrs of frustration and a few hundred or so Google searches .. I’m out of ideas. Any help?

u set the firewall rules?

Walkthrough didn’t say anything about having to set up the firewall as well. Figured it was an auto option when you enabled the server. Suppose I should’ve figured out that that was the culprit (though I did do a port scan and nmap shows it being filtered).

I ran the following:

/ip firewall filter
add chain=input protocol=tcp dst-port=1723 action=accept
add chain=input protocol=gre action=accept

And that seemed to fix it. Now on to figuring out why I can’t see the other computers on the network. Yay. Thanks for pointing me in the right direction littlebill. Appreciate it! = )
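A check for the fix described above, added here as an example and not part of the original posts: it replays a new TCP/1723 connection and a GRE packet against exported input-chain rules in order, because RouterOS filter rules are first-match and a plain `add` appends the rule to the end of the chain. The export text, the interface name ether1-gateway and all function names are assumptions.

```python
import shlex

# Constructed sample in the style of an `/ip firewall filter export`; not from the thread.
# The interface name and the first three rules are assumptions.
SAMPLE = """\
/ip firewall filter
add chain=input connection-state=established action=accept
add chain=input protocol=icmp action=accept
add chain=input in-interface=ether1-gateway action=drop
add chain=input protocol=tcp dst-port=1723 action=accept
add chain=input protocol=gre action=accept
"""

# Only these matchers are understood; any other matcher on a rule is ignored.
MATCHERS = ("protocol", "dst-port", "in-interface", "connection-state")

def parse_rules(export):
    """Turn each `add key=value ...` line into a dict, keeping file order."""
    rules = []
    for line in export.splitlines():
        if line.strip().startswith("add "):
            rules.append(dict(t.split("=", 1) for t in shlex.split(line)[1:] if "=" in t))
    return rules

def port_in(spec, port):
    """True if port falls in a spec such as '1723', '80,443' or '8000-8080'."""
    if port is None:
        return False
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        if int(lo) <= int(port) <= int(hi or lo):
            return True
    return False

def verdict(rules, packet):
    """Action of the first enabled input-chain rule matching packet (first match wins)."""
    for rule in rules:
        if rule.get("chain") != "input" or rule.get("disabled") == "yes":
            continue
        ok = all(
            port_in(rule[k], packet.get(k)) if k == "dst-port" else rule[k] == packet.get(k)
            for k in MATCHERS if k in rule)
        action = rule.get("action", "accept")
        if ok and action in ("accept", "drop", "reject"):
            return action
    return "accept"  # RouterOS accepts packets that no rule matches

def pptp_from_wan(rules, wan="ether1-gateway"):
    """Verdicts for the two flows PPTP needs: TCP/1723 control and GRE data."""
    base = {"in-interface": wan, "connection-state": "new"}
    return {"tcp/1723": verdict(rules, {**base, "protocol": "tcp", "dst-port": "1723"}),
            "gre": verdict(rules, {**base, "protocol": "gre"})}
```

With the constructed sample both flows come back as drop, because the two accept rules sit after the WAN drop rule; moving them above it changes both verdicts to accept.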

change your lan interface where it says arp, change that from enabled? to proxy-arp and it will work fine!

under interfaces

you will learn quite quickly nothing on mikrotik is auto anything, every single thing is manual

Hmm.. seems to be enabled but still no luck seeing the other machines. I am in a domain environment, but I wouldn’t think that should matter. I’ve been able to see other computers on the same LAN without being connected to the Domain before.

Yeah - you’re not kidding. Awesome that it’s so powerful and has so many different features. Suppose that comes with a price.

not enabled needs to say proxy arp

Sorry - poor choice of words. LAN ether2 port is set to arp: proxy-arp. That is the only port that is plugged in as everything else runs off a switch. Tried setting it on the WAN port as well just to make sure I didn’t misunderstand but still not having any luck. This is my first experience with a VPN environment but one oddity that I see when running on the remote machine is I get an IP address within my VPN pool, but the subnet is 255.255.255.255 and I have no default gateway. It would seem that probably has something to do with it but comparing that with my regular DHCP range … Nothing appears different.

So trying to track what’s going on with this and one site said it wouldn’t work with PPTP (which doesn’t make sense but whatever) so set up L2TP as well. Been able to connect via both VPN protocols .. but still unable to get through to anything else on the network once connected. Any other avenues I might try?






Solved - Feel like an idiot. Decided to ping from the router to make sure I could hit all the computers on the LAN. Which worked as expected. When I specified ether2 interface (which should be the LAN port) and pinged however.. fail. What the? I went through each interface until I finally landed on bridge-local .. and ping finally responded. Checked ARP there and sure enough.. was ‘Enabled’ not set to arp-proxy. Soon as I switched that, network computers all pop’d.

littlebill - thanks again, appreciate pointing me in the right direction.

#winning