Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

No access to LAN over OPENVPN (can only ping router)  [SOLVED]

Locked
 
leon88
just joined
Topic Author
Posts: 8
Joined: Tue May 08, 2018 11:26 am

No access to LAN over OPENVPN (can only ping router)

Tue May 08, 2018 1:25 pm

Hello. I have a problem with configuring the OPENVPN server. Server is running, I am testing via phone and tablet via LTE and both devices get ip from my home network. I have a problem with access to the LAN. From the outside I have access only to the Mikrotik router. From computers inside the LAN, I can ping external devices (tablet and phone). The connection from the inside works. It does not work the other way.

MikroTik LAN IP: 192.168.3.1
LAN DHCP: static

I have set "proxy-arp" for LAN.

/ip pool print
0 openvpn 192.168.3.85-192.168.3.90



ip firewall filter print detail

Flags: X - disabled, I - invalid, D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=forward action=passthrough

1 chain=input action=accept protocol=tcp dst-port=1194 log=no log-prefix=""

2 ;;; defconf: accept established,related,untracked
chain=input action=accept connection-state=established,related,untracked
log=no log-prefix=""

3 ;;; defconf: accept ICMP
chain=input action=accept protocol=icmp log=no log-prefix=""

4 ;;; defconf: accept in ipsec policy
chain=forward action=accept log=no log-prefix="" ipsec-policy=in,ipsec

ip firewall nat print detail

0 X ;;; defconf: masquerade
chain=srcnat action=masquerade out-interface-list=WAN log=no
log-prefix="" ipsec-policy=out,none
Top
 
User avatar
reidavidinho
Frequent Visitor
Frequent Visitor
Posts: 80
Joined: Mon Jul 25, 2016 11:11 am
Location: Ibadan, Nigeria
Contact:
Contact reidavidinho

Re: No access to LAN over OPENVPN (can only ping router)  [SOLVED]

Fri May 11, 2018 3:31 pm

Enable the masquerade rule on your firewall, and that should do the magic...
Top
 
Sayrax
just joined
Posts: 24
Joined: Mon Jun 26, 2017 4:44 pm
Location: Kharkiv
Contact:
Contact Sayrax

Re: No access to LAN over OPENVPN (can only ping router)

Mon May 14, 2018 10:09 am

How you are configuring firewall and openvpn? In you rules use ipsec?
Top
 
RoadkillX
Frequent Visitor
Frequent Visitor
Posts: 88
Joined: Sun Apr 22, 2018 6:00 pm
Location: Spain

Re: No access to LAN over OPENVPN (can only ping router)

Mon May 14, 2018 11:02 am

Can you ping the router on 192.168.3.1? In your client openvpn configuration do you have the line redirect-gateway?
Top
 
leon88
just joined
Topic Author
Posts: 8
Joined: Tue May 08, 2018 11:26 am

Re: No access to LAN over OPENVPN (can only ping router)

Tue May 15, 2018 9:57 am

Thanks for the answers. The problem is a broken router (I bought a used one and it was a mistake). I ordered a second one (this time a new one) and I will try again. Ultimately, I did update the router software. I restarted and started working. Unfortunately, after one day the router began to hang. Now I can not connect with him at all.

As far as the settings are concerned, just like reidavidinho wrote, it was enough to add masquerade on LAN. However, the router is damaged and works very unstable (hence my problems).
Top
Locked

Who is online

Users browsing this forum: CGGXANNX, jaclaz, soulflyhigh and 105 guests
  4. RouterOS
  5. Beginner Basics