Can anyone give me advice or a link to a similar post for issuing a WAN IP address to a VPN client. What I currently have is an x86 system in a datacentre and am connecting to it via L2TP & IPSec. This works fine and gives out a local IP address in the 10.10.10.0/23 range. What I would like to do, for certain clients is issue a WAN IP address that gets directly routed to and from the client without being NAT’d through the Mikrotik primary IP address.
eg;
80.80.80.10 (Primary Mikrotik IP address)
80.80.80.11-19 (Spare IP addresses)
I can give the test client an IP address from .11 to .19 but all the routing still gets NAT’d through .10 meaning I could not run direct services (such as a webserver) on the remote client. Which is what I am trying to achieve.
Thank you I am able to assign these IP addresses but when visiting ‘http://www.whatismyip.com/’ it still shows the Mikrotik primary IP address: 80.80.80.11 rather than 80.80.80.12. Do you know what I would need to configure within routes etc. to directly allow traffic to and from the VPN clients without being NAT’d? I’d like the VPN clients to have direct communication with the outside world with no filtering.
Hi Scott, probably you have a masquerade rule, create another rule before, put the client public address on the src address field and set the action to accept.
I am able to assign these IP addresses but when visiting ‘