Hello. I've set up Mikrotik PPTP Server. Everything is working except I can't ping VPN clients (windows only)

Network is 192.168.21.0/24 on server mikrotik
Network for client mikrotik 192.168.88.0/24
Network for VPN is 192.168.4.0/24

I connect mikrotik with network 192.168.88.0/24 to mikrotik with network 192.168.21.0/24
Ip addresses is local addess 192.168.4.2 remote 192.168.4.3
Also I set up ip route rules on both sides.

I set masquerade rule on vpn interface in the client mikrotik. And masquerade rule for all ppp in the server mikrotik.

From client I can ping everything. From server I can ping only no windows stuff. For example I can get access to 192.168.88.252 (network printer) but can't get access to 192.168.88.251 (this is windows 7 machine)

What am I misssing?

What am I misssing?

Windows Firewall.
It's blocking pings by default on client OS versions. Very annoying.
-Chris

What am I misssing?

Windows Firewall.
It's blocking pings by default on client OS versions. Very annoying.
-Chris

But I can ping windows machine from LAN if I do it from network 192.168.88.0/24 but I can't do it from other network 192.168.21.0/24. Is that what you are saying?

Also I'm unable to connect via rdp, although access is enabled. Maybe it has to do something with Mikrotik firewall?

Yes, that's what I'm saying.
I'm almost certain that your router's firewall is configured correctly.
Windoze firewall only considers connected subnets as "local" and allows access from them.
Try adding src-nat rules to your routers to verify this.
Once verified, remove the src-nat rules and add appropriate rules to Windows firewall.

-Chris

Yes, that's what I'm saying.
I'm almost certain that your router's firewall is configured correctly.
Windoze firewall only considers connected subnets as "local" and allows access from them.
Try adding src-nat rules to your routers to verify this.
Once verified, remove the src-nat rules and add appropriate rules to Windows firewall.

-Chris

Yes, It was windows firewall. Thank you.