Community discussions

MikroTik App
 
octaviolpz
just joined
Topic Author
Posts: 1
Joined: Sun Jul 18, 2021 6:11 am

Help to Setup only VLAN in NordVPN

Sun Jul 18, 2021 6:26 am

Hi, i would appreciate some help, i'm stuck with the setup of NordVPN, i'm newbie in mikrotik and need to send only the VLAN traffic through NordVPN, i followed the tutorial in forum, but th clients in VLAN not going through VPN, i don't know what i'm missing, this is my config, thanks.:

/interface bridge
add name=bridge1 vlan-filtering=yes
/interface ethernet
set [ find default-name=ether3 ] comment=WAN1
set [ find default-name=ether5 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full comment=15HUB
set [ find default-name=ether6 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
/interface vlan
add interface=bridge1 name=vlan10 vlan-id=10
add interface=bridge1 name=vlan20 vlan-id=20
add interface=bridge1 name=vlan30 vlan-id=30
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip ipsec mode-config
add name=NordVPN responder=no src-address-list=local
/ip ipsec policy group
add name=NordVPN
/ip ipsec profile
add name=NordVPN
/ip ipsec peer
add address=us8979.nordvpn.com exchange-mode=ike2 name=NordVPN profile=NordVPN
/ip ipsec proposal
add name=NordVPN pfs-group=none
/ip pool
add name=dhcp_pool0 ranges=192.168.15.100-192.168.15.250
add name=dhcp_pool1 ranges=192.168.9.100-192.168.9.250
add name=dhcp_pool2 ranges=192.168.100.100-192.168.100.250
add name=dhcp_pool3 ranges=192.168.200.100-192.168.200.250
add name=dhcp_pool4 ranges=192.168.30.100-192.168.30.250
add name=dhcp_pool5 ranges=192.168.15.100-192.168.15.250
/ip dhcp-server
add address-pool=dhcp_pool2 disabled=no interface=vlan10 name=dhcp3
add address-pool=dhcp_pool3 disabled=no interface=vlan20 name=dhcp4
add address-pool=dhcp_pool4 disabled=no interface=vlan30 name=dhcp5
add address-pool=dhcp_pool5 disabled=no interface=bridge1 name=dhcp2
/user group
set full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,tikapp
/interface bridge port
add bridge=bridge1 interface=ether6
add bridge=bridge1 interface=ether7
add bridge=bridge1 interface=ether8 pvid=10
add bridge=bridge1 interface=ether5
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface bridge vlan
add bridge=bridge1 tagged=ether7,ether6,ether5,bridge1 untagged=ether8 vlan-ids=10
add bridge=bridge1 tagged=ether7,ether6,ether5,bridge1 untagged=ether8 vlan-ids=20
add bridge=bridge1 tagged=ether7,ether6,ether5,bridge1 untagged=ether8 vlan-ids=30
/ip address
add address=192.168.15.1/22 interface=bridge1 network=192.168.12.0
add address=192.168.100.1/24 interface=vlan10 network=192.168.100.0
add address=192.168.200.1/24 interface=vlan20 network=192.168.200.0
add address=192.168.30.1/24 interface=vlan30 network=192.168.30.0
/ip dhcp-client
add disabled=no interface=ether3
/ip dhcp-server lease
add address=192.168.15.245 client-id=1:f4:92:bf:29:a:24 mac-address=F4:92:BF:29:0A:24 server=dhcp2
/ip dhcp-server network
add address=192.168.8.0/22 gateway=192.168.9.1
add address=192.168.12.0/22 gateway=192.168.15.1
add address=192.168.30.0/24 gateway=192.168.30.1
add address=192.168.100.0/24 gateway=192.168.100.1
add address=192.168.200.0/24 gateway=192.168.200.1
/ip dns
set allow-remote-requests=yes
/ip firewall address-list
add address=192.168.100.0/24 list=local
add address=192.168.15.242 disabled=yes list=local
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether3
/ip ipsec identity
add auth-method=eap certificate="" eap-methods=eap-mschapv2 generate-policy=port-strict mode-config=NordVPN peer=NordVPN policy-template-group=\
NordVPN username=******@*********
/ip ipsec policy
add dst-address=0.0.0.0/0 group=NordVPN proposal=NordVPN src-address=0.0.0.0/0 template=yes
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/system clock
set time-zone-name=America/Mexico_City
/system identity
set name=TESTMK

Who is online

Users browsing this forum: CGGXANNX, Netstumble and 50 guests