Community discussions

MUM Europe 2020
 
mehrzud
newbie
Topic Author
Posts: 47
Joined: Wed Aug 04, 2010 5:08 pm

Source Address for PPP and VPN Clients

Thu Jun 09, 2011 8:49 pm

It would be nice to add a source address option to PPP clients such as PPTP or L2TP. (like the one that radius has)
I know one can do it with Pref. Source option of static routes but think of a case that I have a VPN server with multiple protocols support (each for different purposes) and with a single IP address.
At the client side router I have multiple IPs from different ISPs and I want to make different VPN/PPP connections to the above mentioned servers but with different source IPs so my traffic goes through suitable ISP of my choice. Having the mentioned option in RouterOS will really save a lot of time and energy.
You do not have the required permissions to view the files attached to this post.
Last edited by mehrzud on Thu Jun 16, 2011 1:56 pm, edited 1 time in total.
 
ahmedramze
Frequent Visitor
Frequent Visitor
Posts: 95
Joined: Mon Feb 21, 2005 9:29 am
Location: IRAQ
Contact:

Re: Source Address for PPP and VPN Clients

Wed Jun 15, 2011 9:23 pm

first you need from your ISP or your Main Router to route the IPs for example

ISP 192.168.1.1
your public IPs 172.16.0.0/24



your Router 192.168.1.2


your ISP Route table
mikrotik /ip router 172.16.0.0/24 gateway 192.168.1.2
or cisco ip route 172.16.0.0 255.255.255.0 192.168.1.2





then you can use the /24 sub-net on the ppp profile

/ip pool add range=172.16.0.0/24 name public
/ip pool add range=10.10.10.0/24 name private
/ppp profile set defualt localaddress=private remoteaddress=public.

but you must disable IP firewall by make tracking OFF
/ip firewall connection set tracking=disabled.
((( NOTE : if you did not disable it the users will use the mikrotik IP ))

then when user connect with pptp or L2TP , the ip address will be 172.16.0.X and gateway 10.10.10.X

and also same setup for another ISP ,

By the way you need to check the bandwidth for each ISP.


and for any help i can login remotely and make all config for free.
Ahmed.
 
mehrzud
newbie
Topic Author
Posts: 47
Joined: Wed Aug 04, 2010 5:08 pm

Re: Source Address for PPP and VPN Clients

Wed Jun 15, 2011 9:46 pm

Thank you for your reply.

Your answer is 100% in a different direction than the subject of my post.
I am talking about a situation where I have 2 Miks. One act as VPN server (MIK1) with just 1 public IP address and the other as VPN client (MIK2) with multiple public IP addresses from different ISPs.
I have 10 different PPTP, SSTP, L2TP client connections on MIK2.
Now if you have a little experience in multihomed configurations the BIG question of "Which ISP for each VPN client" comes to your mind.
One typical solution would be the use of Mangle-RoutingMark and custom static routes with Pref.Source and RoutingMark. BUT it is is is DISASTROUS when you want different VPN clients to use different source IP address of your public IPs assigned in MIK2.
Another SUPER NICE solution is having a source address option in VPN client connection setup. (like the one radius has)
This would be useful for SNTP client settings too.
Last edited by mehrzud on Wed Jun 15, 2011 10:42 pm, edited 1 time in total.
 
ahmedramze
Frequent Visitor
Frequent Visitor
Posts: 95
Joined: Mon Feb 21, 2005 9:29 am
Location: IRAQ
Contact:

Re: Source Address for PPP and VPN Clients

Wed Jun 15, 2011 10:30 pm

this already found in WiKi

http://wiki.mikrotik.com/wiki/Load_Bala ... e_Gateways


just change the Group A and Group B with pool1 and pool2 and each one for profile of any PPPOE,PPTP etc servers.


Ahmed.
 
mehrzud
newbie
Topic Author
Posts: 47
Joined: Wed Aug 04, 2010 5:08 pm

Re: Source Address for PPP and VPN Clients

Wed Jun 15, 2011 10:42 pm

Now if you have a little experience in multihomed configurations the BIG question of "Which ISP for each VPN client" comes to your mind.
One typical solution would be the use of Mangle-RoutingMark and custom static routes with Pref.Source and RoutingMark.
What I mentioned above is a sort of load balancing.
I am suggesting this for a easier and faster way. In my case of 6 ISPs and 25*3(L2TP,PPTP,SSTP)=75 VPN connections, using different mangle rules and adding different static routes is a lot of work.
Please do not ask why this much VPN client connections! We really need them.
 
artemk
newbie
Posts: 26
Joined: Wed Jun 20, 2012 8:06 pm
Location: Kyiv, Ukraine

Re: Source Address for PPP and VPN Clients

Sun Mar 06, 2016 10:53 pm

UP!

Feature requested in this topic is still needed by many Mikrotik users.
We just need a possibility to choose source address and/or source interface (in case of dynamic address) for PPP/VPN client connection.

Any progress or ETA on this topic?

Thank you!

Who is online

Users browsing this forum: Bing [Bot], nmc79 and 115 guests