Community discussions

MikroTik App
 
User avatar
gogotha
newbie
Topic Author
Posts: 30
Joined: Mon May 21, 2018 1:16 am
Location: Tyler

Static IP L2TP reverts to DHCP on reconnect

Fri Oct 12, 2018 4:08 am

We just started implementing L2TP VPN connections into a Windows 2008 Server and it work superbly. After successfully getting my test environment up and going we started rolling them out in production server and shipping out to clients. We currently have 85 VPN connections and the Windows VPN connections have no issues keeping there IP's when they disconnect. After about a week the issue started to rear its ugly head and I started noticing the IP's we statically assign the Mikrotik routers (various models) will revert to the small DHCP range I have in RAS. Seems like the Mikrotik's keep the static IP for a couple of days and then pow, DHCP. I kick the routers of the VPN and they call back in like good little soldiers with there static but during the time they are off we loose out video feeds and are at risk of clients getting property stolen. My gut tells me theirs a way to tell the router its static IP is x.x.x.x so it will not loose it but I am unable to find it in winbox, if it was a windows issue I would think I might see the same issue; however the adapters are assigned the IP address. I have noticed this on PPTP and SSTP as well :(

Image
Last edited by gogotha on Sun Nov 01, 2020 7:50 pm, edited 2 times in total.
 
User avatar
gogotha
newbie
Topic Author
Posts: 30
Joined: Mon May 21, 2018 1:16 am
Location: Tyler

Re: Static IP L2TP reverts to DHCP on reconnect

Sat Oct 20, 2018 8:01 am

This seams to have done the trick for anybody else needing it constant static from a Windows RAS. What would be the benefit of using a "Remote Address", it was the only thing that never changed.

Image

Curious why I didn't get help on this, I put it in the wrong part of forum? I realize Mikrotik to Mikrotik is probably preferred by Mikrotik but we have a lot of Windows CCTV NVR systems on the edge spread over 3 states with no routers. I looked over the forums and googled MAX specs of VPN connections for Mikrotik and it appears my search skills are remedial. I know Windows 2008+ Datacenters will handle unlimited VPN connections so I caved in since I already had a 35,306 IP DHCP Superscope with IP6 which works over VPN (wasn't expecting to see it in WINs LOL) If it makes any difference I have a CCR1009-7G-1C-1S+ protecting the VPN server. The joy of NAT-T For anyone interested, this solved my IPsec issue building the RAS on 2012 Pre Production and 2008 Production Datacenters with Firewall on. https://support.microsoft.com/en-us/hel ... in-windows

FYI, at 90 VPN connections using 70mb/s both ways and processor at 1% at the cost of super, all I can say is amazing!!!! Another kudos; I am super impressed on the reliability of either PPTP or LT2P connections itself, it is a beast!

Image

Rick Frey, if you see this. Thank you for being such a great teacher! With your 5.0 firewall modified slightly, some other goodies and turning off DHCP, I was allowed by a Top level Administrator and his minions to put in a MT Router with L2TP IPsec in a Data Center in the South East. I'm curious what your paid version is? Anybody needing a good firewall, Rick Freys the man! It's here https://rickfreyconsulting.com/basic-mi ... e-version/ for beginners or as I see it professionals as well.

Image
Last edited by gogotha on Sun Nov 01, 2020 7:51 pm, edited 3 times in total.
 
User avatar
gogotha
newbie
Topic Author
Posts: 30
Joined: Mon May 21, 2018 1:16 am
Location: Tyler

Re: Static IP L2TP reverts to DHCP on reconnect

Thu Jan 17, 2019 4:44 am

Well to my disappointment, when we reboot our internet the remote routers would pick up a DHCP IP even if they are configured in Windows RRAS as a static connection. A band-aid was to reduce my DHCP range in my RAS to 2 IP addresses (since all our connections ping the vpns virtual IP to make sure they are connected or batch file to reboot computer would fail I couldn't turn off DHCP :( ). The servers virtual adapter gets one and I created a second VPN connection from remote office to obtain the one and only IP the RAS server issues.

If anyone knows how I can remove the band-aid it would be appreciated.

Who is online

Users browsing this forum: Bing [Bot] and 37 guests