Community discussions

MikroTik App
 
BAAAASS
just joined
Topic Author
Posts: 2
Joined: Fri Jul 23, 2021 7:12 pm

Routing issue with SSTP

Fri Jul 23, 2021 7:43 pm

Hi All

I am very experienced and knowledable on TCP/IP, however, quite new to MikroTik.
I have two sites:
Site 1: Static Public IP
MikroTik as LAN GW (10.0.0.1)
SSTP Host (10.3.0.254/24)
LAN: 10.0.0.0/24

Site 2: Dynamic Public IP
MikroTik as LAN GW (192.168.26.1)
SSTP Client (10.3.0.1/24)
LAN: 192.168.26.0/24

I have enabled the firewall so that all traffic is allowed to all networks. The VPN is up and running.
Site 1 MikroTik can ping Site 2 MikroTik.
Site 2 MikroTik can ping Site 1 MikroTik.

Site 1 workstation (e.g. 10.0.0.16/24) can ping Site 2 workstation (e.g. 192.168.26.99)
However, the very strange thing is that:
Site 2 workstaion (e.g. 192.168.26.99/24) can NOT ping Site 1 workstation (e.g. 10.0.0.16/24)

I have tried everything I can possibly imagine; however, after spending about 2 weeks breaking my head over this, I really cannot figure out what is going on.
Any workstation in Site 1 can connect (via multiple protocols such as CIFS and RDP etc. etc.) to Site 2 100% successfully and quite fast I might add.
However, a workstation in Site 2 cannot ping anything on Site 1, not even the Site 1 LAN GW. The furthest I get is to successfully ping (10.3.0.254/24) from a Site 2 workstation, nothing further.

I cannot figure this out and hopefully someone out there is able to help me.

Thanks in advance for any help you can give!
 
dmitris
Member Candidate
Member Candidate
Posts: 127
Joined: Mon Oct 09, 2017 1:08 pm

Re: Routing issue with SSTP

Sat Jul 24, 2021 12:46 am

You should specify route on both sides, than it will work as expected...

On SITE1 mikrotik:
/ip route add distance=1 dst-address=192.168.26.0/24 gateway=10.3.0.1

On SITE2 mikrotik:
/ip route add distance=1 dst-address=10.0.0.0/24 gateway=10.3.0.254
 
BAAAASS
just joined
Topic Author
Posts: 2
Joined: Fri Jul 23, 2021 7:12 pm

Re: Routing issue with SSTP

Mon Jul 26, 2021 12:59 pm

Hi dmitris

Thank you for your input. These routes where added dynamically by the SSTP VPN. However, I have also tried to create them manually. I have also tried creating a mangle route, however, this also didn't work. Nothing I have tried so far has worked.

Any other suggestions or things to try?
Thank you!

Who is online

Users browsing this forum: Nospam and 56 guests