Community discussions

MUM Europe 2020
 
biktor
just joined
Topic Author
Posts: 1
Joined: Sat Sep 28, 2019 1:40 pm

Traffic Forwarding from LAN1 to LAN2 via vpn

Sat Sep 28, 2019 2:47 pm

Hi,

My problem seems simple, please help

I have an Openvpn server (with public IP address). I have connected to this server two Mikrotik Routers with local subnets.

Server VPN IP: 10.10.2.1
Mikrotik1 (Home router) VPN IP: 10.10.2.21, bridge IP: 192.168.100.254 -> ASDL connection this is the gateway
Mikrotik2 (Office router) VPN IP: 10.10.2.25, bridge IP: 10.0.0.141 -> Internet connection from another router - 10.0.0.1 is the gateway

My problem is: cannot access from 192.168.100.0 network the 10.0.0.0 network.
From my Home network can ping 10.10.2.25 (Mikrotik2 vpn address)
From Office network cannot ping 10.10.2.21 (Mikrotik1 vpn address)
OK, I know it's routing and NAt problem, but now I confused.

Mikrotik1 route table:
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADS 0.0.0.0/0 pppoe-out-telekom 1
1 A S 10.0.0.0/24 10.10.2.22 1
2 ADC 10.5.19.240/32 100.101.245.112 pppoe-out-telekom 0
3 ADS 10.10.2.0/24 10.10.2.22 1
4 ADC 10.10.2.22/32 10.10.2.21 ovpn-out1 0
5 ADS xx.xx.xx.xx/32 pppoe-out-telekom 0
6 ADC 192.168.100.0/24 192.168.100.254 bridge 0

Mikrotik2 route table:

# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADS 0.0.0.0/0 10.0.0.1 1
1 ADC 10.0.0.0/24 10.0.0.141 bridge 0
2 A S 10.10.2.0/24 10.10.2.26 1
3 ADC 10.10.2.26/32 10.10.2.25 ovpn-out 0
4 ADS 192.168.100.0/24 10.10.2.26 1

Could you please help about that little problem?

Regards

Biktorio
 
zakynthoswifi
Frequent Visitor
Frequent Visitor
Posts: 74
Joined: Thu Jul 17, 2014 12:38 am
Location: Zakynthos
Contact:

Re: Traffic Forwarding from LAN1 to LAN2 via vpn

Sat Sep 28, 2019 5:48 pm

It seems you have default route over vpn. Disable it and you will be fine
Ilias Theodosis
Network & Security Engineer
Cisco CCNA,CCNP,CCIE
Network Solutions Ltd.
Zakynthos, Greece
 
pe1chl
Forum Guru
Forum Guru
Posts: 5995
Joined: Mon Jun 08, 2015 12:09 pm

Re: Traffic Forwarding from LAN1 to LAN2 via vpn

Sat Sep 28, 2019 5:52 pm

The above is incorrect.
Does your OpenVPN server allow traffic between clients?
It needs the "client-to-client" config line in its config file.

Who is online

Users browsing this forum: No registered users and 11 guests