Community discussions

MikroTik App
 
gstucky
just joined
Topic Author
Posts: 1
Joined: Wed Dec 28, 2011 5:02 pm

Losing VPN connections when changing default route

Wed Dec 28, 2011 6:24 pm

I have 3 Routerboards connected by VPN connections over the Internet. At one of our locations I have a secondary Internet connection which I would like to use for local internet access. The second Internet connection is already setup with a separate firewall on the network and used for Email.

I want to use the same connection I use for email for internet access to remove the usage from the VPN connection. However if I change the 0.0.0.0/0 route I lose the VPN connections to the other sites.

How do I change the default route to the internet without breaking the VPN connections.

Interface list
| Name | Type | L2MTU
R | site2 | L2TP Server
R | site3 | L2TP Server
R | ether1 | Ethernet 1598
R | ether10 | Ethernet 1600
R | ether6 | Ethernet 1600


address List
Address: 24.50.150.28/28 | Network: 24.50.150.36 | Interface: Ether10
Address: 24.79.41.122/30 | Network 24.79.41.120 | Interface: Ether10
Address: 172.31.21.21/24 | Network 172.31.21.0 | Interface: Ether6
Address: 192.168.70.251/24 | Network 192.168.70.0 | Interface: Ether1
Address: 192.168.254.30 | Network 192.168.254.31 | Interface: site1
Address: 192.168.254.35 | Network 192.168.254.36 | Interface: site2

Route List
| Dst. Address | Gateway | Distance | Routing Mark | Pref Source
AS | 0.0.0.0/0 | 24.79.41.121 | 0 | |
DAC | 24.50.150.36/28 | ether 10 reachable | 0 | | 24.50.150.38
DAC | 24.79.41.120/30 | ether 10 reachable | 0 | | 24.79.41.122
AS | 20.20.22.0/24 | site 1 reachable | 1 | |
DAC | 172.31.21.0/24 | ether6 reachable | 0 | | 172.31.21.21
AS | 172.31.23.0/24 | site2 reachable | 1 | |
AS | 192.168.30.0/24 | site2 reachable | 1 | |
DAC | 192.168.70.0/24 | ether1 reachable | 0 | | 192.168.70.251
DAC | 192.168.254.31 | site1 reachable | 0 | | 192.168.254.30
DAC | 192.168.254.36 | site2 reachable | 0 | | 192.168.254.35


Firewall-Nat
# | Action | Chain | Src Addr | Dst Addr |Protocol |Src Port |Dst Port |in Interface | Out Interface
0 | accept | srcnat | | 30.30.32.0/24 | | | | |
1 | accept | srcnat | | | | | | | NC
2 | dst-nat | dstnat | 0.0.0.0/0 | 24.79.41.122 |6 (tcp) | |25 | |
3 | masquerade | srcnat | |192.168.70.0/24 | | | | | ether10
 
User avatar
guilhermeramires
Trainer
Trainer
Posts: 56
Joined: Fri Jan 22, 2010 9:06 pm

Re: Losing VPN connections when changing default route

Sat Dec 31, 2011 3:44 pm

Uncheck "Add default route" in your VPN client and add the default route manually. At this point do not use the IP address as gateway. Use the vpn interface as gateway.

This way you don't need to change the default route anymore, ok?
Mikrotik Training Partner
MPLS for the Masses

Who is online

Users browsing this forum: anav, Baidu [Spider] and 45 guests