Tried this on Hetzner dedicated (bare metal, EX series, I know bm isn't officially supported but I don't want the virtualization maintenance overhead) however everything except routing (public ip subnets, ie forwarding) works, at least I can't get it working with any config. Sort of sad. (neither 6.40.9 (Bugfix only) or 6.42.7 (Current) or 6.43rc66 (Release candidate))Code: Select all
cd /root && curl -O https://download2.mikrotik.com/routeros/6.42.3/chr-6.42.3.img.zip && gunzip -S .zip chr-6.42.3.img.zip dd if=/root/chr-6.42.3.img of=/dev/sda
Either working completely or not was my impression too, until I tried this.Please open a new topic and describe what exactly does not work. It's either working completely or not. It cannot 'disable routing for some unknown reason'. Where do you get your "public subnets"? Can't Hetzner block unknown IPs by default (it should, I hope)?
The intention is to provide public IP addresses to another mikrotik router behind NAT over L2TP VPN, via EoIP (nevermind overhead). L2TP works (if assigned to can internally ping each other with the public subnet IPs), EoIP (if assigned to can internally ping each other with the public subnet IPs) works but traffic from internet to the public subnet doesn't even enter Ether1-WAN (or anywhere else for that matter, torch).
Hetzner provides public IPs / subnet upon order https://wiki.hetzner.de/index.php/Zusae ... en#Subnets and trying any combination of "every" mikrotik forum suggested way of getting them forwarded, as in routing, doesn't work. "Obviously" the server doesn't have internal physical interfaces (uncertain if nor why it should matter). Hetzner support has verified the public subnet (/29) is routed to the public WAN IP. There are no firewalls etc, just plain routing. (https://wiki.mikrotik.com/wiki/Simple_S ... es_Example etc)
@Chupaka I'm happy to provide you (reputation) with the RouterOS logins / details to the "empty" test installation if you care to test it yourself, as I surely have exhausted all theories on why it shouldn't work.