Page 1 of 1

IPSec and bridged ether ports with different IP addresses

Posted: Thu Mar 23, 2017 5:35 pm
by matiaszon
I have 2 MikroTik routers working in IPSec tunnel. RB2011 with bridged all ether ports and 192.168.89.0/24 assigned to bridge. RB3011 with all bridged ports and (unfortunately) with 3 different IP ranges assigned (192.168.88.0/24 - main LAN, 192.168.10/24 - service for machines, 192.168.0.0/24 - CCTV). The tunnel works almost fine, except that, that from RB3011's side it's impossible to get to RB2011's LAN. When I try to ping, 100% loss and it gives info from 192.168.0.1 that the address is not reachable. How to tell RB3011 to go through 192.168.88.1 as all policy, peer and firewall rules are configured to 192.168.88.0/24?


Wysłane z iPhone za pomocą Tapatalk

Re: IPSec and bridged ether ports with different IP addresses

Posted: Sat Mar 25, 2017 10:58 pm
by matiaszon
OK, I solved the problem. Just added new route and now I can see 192.168.89.0/24 network
/ip route add dst-address=192.168.89.0/24 gateway=bridge-LAN pref-src=192.168.88.1