Hello,

I'm looking for best tutorial for l2tp with ipsec.
I've configured but when I connect to vpn I can't get Internet connect - it's not working.

How can I fix that?

I'm just starting MT road

Thank you

Do you have a NAT masquerade rule for your VPN traffic?

Do you have a NAT masquerade rule for your VPN traffic?

I don;t know how to do this in this moment...

http://imgur.com/a/BjV0h

You must update your NAT rules.

For example, try this: Wiki: https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT

You must update your NAT rules.

For example, try this:

Code: Select all

/ip firewall nat add chain=srcnat action=masquerade out-interface=Public

Wiki: https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT

You are the one! It's working like a charm
Many thanks.

Another question - how can I allow or block browsing web with public IP VPN?
Eg. user1 can browse with public IP, user2 can not.

You must update your NAT rules.

For example, try this:

Code: Select all

/ip firewall nat add chain=srcnat action=masquerade out-interface=Public

Wiki: https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT

You are the one! It's working like a charm
Many thanks.

Another question - how can I allow or block browsing web with public IP VPN?
Eg. user1 can browse with public IP, user2 can not.

What I did is instead of assigning a "pool" to a user for my VPN service was to specify a single IP address. That way when they connect via VPN they get the same "Remote IP Address" every time and I can restrict them from accessing NAT or other devices as I choose. Also, by default, I have no NAT enabled for VPN users and selectively add them as needed. In other words I have several NAT statements that have a single IP address permitted.