Hi guys,

I've been playing with an RB433AH on version 4.4, and I have it functioning as a second router behind an ADSL connection connected with ethernet to ether1.
With a wireless card configured as an AP (wlan1), I can connect to it wirelessly and via masquerade NAT I can
browse the web etc etc. Everything is working great !

My question is regarding routing.

I have set up a VPN to a PPTP server and it connects fine and I can ping across it.
(I have tested the VPN using a PC client and it works perfectly.)
I want any wirelessly connected client machines to send their traffic over the VPN connection.

I tried adding a default route with the VPN setup - nada.

I adjusted the masquerade NAT to point to the VPN interface instead of the ether1 interface - nada again.

I am obviously missing something ... can anyone offer any pointers please ?
I read somewhere there may be a bug in V4 relating to routing across vpns - has anyone heard of this ?
If so, am I wasting my time ?

Many thanks in advance for any assistance.

Jack.

So basically you want to establish a VPN connection and then route all traffic across it?

Hi - thanks for your response.

Short answer is yes, but I included all the other steps to at least confirm the basic functionality of the
unit is ok, eg, connectivity et al.

Create a static route to your VPN endpoint, then set your gateway of last resort 0.0.0.0/0 to the other end of the VPN tunnel with a higher distance value, set gateway to check by ping. Then for fail-over do another 0.0.0.0/0 with an even higher distance value.

Hi jwcn, again, thank for your response.

When I set up the vpn in the first instance, I checked the "default gateway" box, and it
does add the 0.0.0.0/0 mapping to the routing table.

I then changed the nat interface to be the VPN but no traffic goes to it.

The attached wireless clients just hang and timeout.
I'll continue playing, and see if I can find out what I am doing wrong.

thanks again for your time.

Jack.

It would help if you post your config.

I have similar question too. I would be grateful for more detailed explanation how to setup such routing.

Hi,

firstly, thanks to the forum and everyone who tried to help me out with my newbie questions !

In particular a big shout to gregsowell for his excellent tutorials and extremely friendly character. Thanks Greg.

If anyone is struggling for a starting point with Mikrotiks, I recommend watching Greg's material.

The default routing was the issue, as it turned out, so we were all on the right track !
It needed a routing mark and a rule to force the issue, but it is now working perfectly.

Thanks again for all the help guys. Much appreciated.

Jack

Jack,

I'm glad I could help

what we did was add a new static default route pointed to the ip on the other side of the tunnel. We added a routing mark called pptp on that default route. We then added a routing rule that sent LAN sourced traffic to lookup in the pptp table.

Cheers and happy routing!