Community discussions

MikroTik App
 
wombat
newbie
Topic Author
Posts: 27
Joined: Thu May 14, 2015 10:12 pm

More subnet in the LAN and L2TP

Mon Feb 08, 2016 7:05 pm

Hi,

situation:

My LAN:
192.168.0.1/24
192.168.1.1/24 / Me
192.168.2.1/24 / NAS etc.

I have attached remote drives on the NAS, etc. On the 2.x, everything works, at the moment when you connect to the remote L2TP so it falls, because the subnet is routing over the VPN, not via the LAN, how to say MK to address-list not route through VPN?

Thx
Gabriel
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: More subnet in the LAN and L2TP

Mon Feb 08, 2016 7:12 pm

The easiest solution is to use another IP range for VPN endpoints (e.g. 192.168.3.x/24)

If you want to use IPs from 192.168.1.x as VPN endpoints, then you need to set the arp type to proxy-arp on the 192.168.1.x interface so that the VPN endpoints can appear to be directly connected to that LAN.
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
wombat
newbie
Topic Author
Posts: 27
Joined: Thu May 14, 2015 10:12 pm

Re: More subnet in the LAN and L2TP

Mon Feb 08, 2016 9:32 pm

vpn pool is 10.x.1.xx/24
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: More subnet in the LAN and L2TP

Mon Feb 08, 2016 9:45 pm

The clients need to add a route to your LAN whenever they're connected.
Look for split tunnel settings for VPN settings in the wiki
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
wombat
newbie
Topic Author
Posts: 27
Joined: Thu May 14, 2015 10:12 pm

Re: More subnet in the LAN and L2TP

Tue Feb 09, 2016 11:43 am

1) without VPN
C:\Users\>tracert 192.168.2.2

Tracing route to NAS [192.168.2.2]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  router [192.168.1.1]
  2    <1 ms    <1 ms    <1 ms  NAS [192.168.2.2]
2) with VPN
C:\Users\>tracert 192.168.2.2

Tracing route to 192.168.2.2 over a maximum of 30 hops

  1     5 ms     6 ms     8 ms  10.75.3.1
I know that can disable default gateway on client side.. But is possible on router side?

Gabriel

Who is online

Users browsing this forum: No registered users and 42 guests