Community discussions

MikroTik App
 
mwkemo
just joined
Topic Author
Posts: 2
Joined: Sat Jan 29, 2011 7:53 pm

Access to private LAN behind Windows 10 IKEv2 client

Sun May 23, 2021 12:15 am

Hello to all.

I configured IKEv2 on my Mikrotik to allow RoadWarrior clients access to my private network behind Mikrotik router which works perfectly. Clients can access all my network devices behind Mikrotik.
Now I have a situation where I need access to private network behind Windows 10 IKEv2 client. I can ping Windows 10 client with configured IKEv2 IP address(172.16.0.2), but private LAN behind Windows 10 client(192.168.5.0/24) is not reachable. I tried adding 192.168.5.0/24 network to route table with 172.16.0.2 gateway on my MK without success. I think there is a problem on Windows 10 PC that I'm not aware of it. IP Forwarding is enabled on Windows 10 PC. Do I need to setup anything for IP Forwarding to work or add a static route on Windows client?

Any help appreciated.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18959
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Access to private LAN behind Windows 10 IKEv2 client

Sun May 23, 2021 2:32 am

To be clear are you saying you would like to from your PC behind the Mikrotick, reach a road warrior computer??
Draw a diagram its confusing!!!
 
mwkemo
just joined
Topic Author
Posts: 2
Joined: Sat Jan 29, 2011 7:53 pm

Re: Access to private LAN behind Windows 10 IKEv2 client

Sun May 23, 2021 3:53 am

To be clear are you saying you would like to from your PC behind the Mikrotick, reach a road warrior computer??
I would like to reach a road warrior private network(192.168.5.0/24) over IKEv2(172.16.0.2) from Mikrotik router.


network-diagram.jpg
You do not have the required permissions to view the files attached to this post.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18959
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Access to private LAN behind Windows 10 IKEv2 client

Sun May 23, 2021 3:45 pm

Then I suspect you need an MK connection to the road warrior router......................
I dont think this is an MT issue but perhaps how to configure something on a windows 10PC, perhaps with dual nic cards??

Just guessing, as I dont think what is requested is possible but limited knowledge in this area..
 
creme0099
just joined
Posts: 3
Joined: Fri Jul 07, 2017 7:38 pm
Location: ZA

Re: Access to private LAN behind Windows 10 IKEv2 client

Wed May 26, 2021 11:59 am

When you create more than one connection in Windows that has a gateway, you will need to either consider the following:
1) Is the IKE2 my default route for internet access?
2) Is the LAN my default route with IKE2 only network access to that subnet?

Either of the options need you change the metric of the network adapters manually (Including the IKE2 dialup)
and you need to specify a static route in windows to force traffic to use the other adapter to access the LAN

I know it sounds corny that you cant access a LAN that you are already connected to, but thats just the way windows' routing works
use route command from command prompt to add static routes
*Use the -p option to make them permanent
eg. route add -p 192.168.5.0 mask 255.255.255.0 192.168.5.1 metric 1
Try to ping the device after adding if you get a response then you good to go

Who is online

Users browsing this forum: No registered users and 12 guests