Hi all
I’ve set up a policy-based route to handle traffic through my VPN PPP interface… I followed the instructions on http://wiki.mikrotik.com/wiki/Policy_Base_Routing.
It works on my MikroTik at the office, but at home (CRS109-8G-1S-2HnD-IN), the following occurs:
- I have a mangle rule to add a route mark “express-vpn-mark” on src addr 192.168.88.251 (my laptop address for testing)
- I have a PPP interface running called “express-vpn”, without the “add default route” option, as I don’t want my entire network to route through this interface
- Under routes, I have a static route set up which, when it receives the “express-vpn-mark” route mark, will route traffic out through the “express-vpn” PPP interface
If I run a traceroute, it works (10.0.0.1 is the PPP range):
$ traceroute www.google.com
traceroute to www.google.com (216.58.223.4), 64 hops max, 52 byte packets
1 router (192.168.88.1) 1.339 ms 4.980 ms 0.810 ms
2 10.0.0.1 (10.0.0.1) 219.540 ms 228.588 ms 220.542 ms
3 64.20.52.217 (64.20.52.217) 221.035 ms 230.255 ms 233.046 ms
4 64.20.32.45 (64.20.32.45) 220.855 ms 221.096 ms 219.619 ms
5 vl565.cr2.teb1.us.as19318.net (64.20.32.218) 219.288 ms 218.766 ms 220.595 ms
6 core1-0-0-8.lga.net.google.com (198.32.118.39) 222.725 ms 230.919 ms 218.984 ms
If I telnet to a public port, that works:
$ telnet www.google.com 443
Trying 216.58.223.4...
Connected to www.google.com.
Escape character is '^]'.
But if I try to browse using Chrome / Safari, it says connected, and establishing secure connection, but then says “Site cannot be reached”.
Note that if I set up the PPP interface to “add default route”, everything works perfectly, including Chrome / Safari browsing.
Any ideas? Possibly something with route distance?