Community discussions

MikroTik App
 
rko4all
newbie
Topic Author
Posts: 27
Joined: Wed Oct 05, 2022 1:48 am

IP Tunnel - First router is not sending traffic to the second one

Wed Oct 05, 2022 6:12 pm

Hello Guys ,

I'm a beginner when it comes to Mikrotik . I'm trying to run an IP tunnel between 2 RouterOS .

First Router is set up as PPTP and L2TP server and clients can connect and use the internet but what I want to do is to set up an IP tunnel so when clients are connected to the first server , their traffic is routed to the second router and then is sent to internet from there . In simple terms , I want my clients' internet IP to be the second Router's IP and all the traffic from first server to be sent to second server first , and then to the internet from there .

the two tunnels can ping each other but the first server is not sending the traffic to the second one . I think my issue is creating a route for this . I will paste the export logs below .

First Router ( PPTP & L2TP server ) export :
/interface ipip
add name=162.19.152.3 remote-address=162.19.152.3
/interface list
add name=WAN
add name=LAN
/ip pool
add name=pptp ranges=10.8.0.0/23
/ppp profile
add change-tcp-mss=yes dns-server=8.8.8.8,8.8.4.4 \
    local-address=pptp name=pptp only-one=yes \
    remote-address=pptp use-encryption=yes
add change-tcp-mss=yes dns-server=8.8.8.8,8.8.4.4 \
    local-address=pptp name=l2tp only-one=yes \
    remote-address=pptp use-encryption=yes
/tool user-manager customer
set admin access="own-routers,own-users,own-profiles,own-limi\
    ts,config-payment-gw"
/interface l2tp-server server
set default-profile=l2tp enabled=yes ipsec-secret=123456 \
    use-ipsec=required
/interface list member
add interface=ether1 list=WAN
add list=LAN
/interface pptp-server server
set authentication=chap,mschap1,mschap2 default-profile=pptp \
    enabled=yes
/ip address
add address=185.141.105.65/24 interface=ether1 network=\
    185.141.105.0
add address=185.141.105.65 interface=ether1 network=\
    172.27.7.229
add address=11.11.11.2/29 interface=162.19.152.3 network=\
    11.11.11.0
/ip cloud
set update-time=no
/ip firewall filter
add action=accept chain=input dst-port=1723 protocol=tcp
add action=accept chain=input dst-port=500 protocol=udp
/ip route
add distance=1 gateway=172.27.7.229
add distance=1 gateway=172.27.7.229
/ip service
set www disabled=yes
/ppp aaa
set interim-update=30s use-radius=yes
/radius
add address=51.xxx.xxx.188 secret=123456 service=ppp
/tool user-manager database
set db-path=user-manager
Second Router ( should accept traffic from first router and send it to internet ) export :
/interface ethernet
set [ find default-name=ether1 ] disable-running-check=no
/interface ipip
add name=185.141.105.65 remote-address=185.141.105.65
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface list member
add interface=ether1 list=WAN
add list=LAN
/ip address
add address=162.19.152.3/24 interface=ether1 network=162.19.152.0
add address=11.11.11.1/29 interface=185.141.105.65 network=11.11.11.0
/ip dhcp-client
add disabled=no interface=ether1
/ip firewall nat
add action=masquerade chain=srcnat
/ip service
set www disabled=yes
/system identity
set name=RouterOS
I'm pretty sure the second router is not the issue and the configurations are OK . I think first Router is missing something . Maybe a route to the second one or a firewall rule . Can you please help me understand what is missing ?

Regards,
 
rko4all
newbie
Topic Author
Posts: 27
Joined: Wed Oct 05, 2022 1:48 am

Re: IP Tunnel - First router is not sending traffic to the second one

Thu Oct 06, 2022 8:38 pm

bump
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: IP Tunnel - First router is not sending traffic to the second one

Thu Oct 06, 2022 8:41 pm

Use wireguard and i will help........... no speaka pptp/l2tp its for the birds.........
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: IP Tunnel - First router is not sending traffic to the second one  [SOLVED]

Fri Oct 07, 2022 2:31 am

Something like this should do the trick (for RouterOS v7), on first router:
/routing table
add name=to-router2 fib
/ip route
add dst-address=0.0.0.0/0 gateway=11.11.11.1 routing-table=to-router2
/routing rule
add src-address=10.8.0.0/23 action=lookup table=to-router2
On second router:
/ip route
add dst-address=10.8.0.0/23 gateway=11.11.11.2
You might also want to do something about your non-existent firewall (you can find some ideas in viewtopic.php?t=180838).
 
rko4all
newbie
Topic Author
Posts: 27
Joined: Wed Oct 05, 2022 1:48 am

Re: IP Tunnel - First router is not sending traffic to the second one

Fri Oct 07, 2022 7:37 pm

Sob , Thank you so much for your response . It worked perfectly on RouterOS v7 and did the job . I have a set of 2 RouterOS v6 as well . How can I implement the same thing in RO6 environment ?
 
rko4all
newbie
Topic Author
Posts: 27
Joined: Wed Oct 05, 2022 1:48 am

Re: IP Tunnel - First router is not sending traffic to the second one

Fri Oct 07, 2022 7:51 pm

never mind . that same scenario worked on ROS6 as well .
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: IP Tunnel - First router is not sending traffic to the second one

Fri Oct 07, 2022 11:29 pm

The difference in v6 is that you dont need to create a table.
You basically use route-marking entry in the route and table=name of route-marking entry.
 
rko4all
newbie
Topic Author
Posts: 27
Joined: Wed Oct 05, 2022 1:48 am

Re: IP Tunnel - First router is not sending traffic to the second one

Sat Oct 08, 2022 2:50 pm

The difference in v6 is that you dont need to create a table.
You basically use route-marking entry in the route and table=name of route-marking entry.
Thanks Anav . Yeah I kind of figured that out when implementing it . I'm getting more and more interested in Mikrotik . Signed up for a course nearby today.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: IP Tunnel - First router is not sending traffic to the second one

Sat Oct 08, 2022 3:45 pm

The hard way, or you can read.........
that particular tidbit is covered here Para J (under general example ) - viewtopic.php?t=182373

Who is online

Users browsing this forum: petertosh and 25 guests