Page 1 of 1

SSTP VPN between two MT routers

Posted: Thu Nov 01, 2018 7:40 pm
by Arty
Please see the attached image.
We need to set up a secure VPN connection between MikroTik 1 and Mikrotik 2 devices and direct all the traffic from PCs through MikroTik 2 router (including internet traffic). MikroTik 2 is configured as SSTP server. Everything works as expected in situation 2, but if MikroTik 1 is behind another NAT PCs cannot access the internet despite the fact that MikroTik 1 successfully connects to VPN, and traffic is passing (I can ping Mikrotik 2 internal VPN IP from all the pcs).

Re: SSTP VPN between two MT routers

Posted: Fri Nov 02, 2018 5:18 am
by acald3ron
Less devices in the middle is better.

Re: SSTP VPN between two MT routers

Posted: Fri Nov 02, 2018 9:18 am
by Arty
Less devices in the middle is better.
Of course. The thing is - we have this mobile network of wi-fi connected iot devices (displayed as PCs in picture above), and we need to take it with us for demonstration purposes to different places. Since the iot devices connect to our servers, we don't want anyone to be able to sniff the traffic - therefore the need for vpn. I have no more ideas why this isn't working behind another router with NAT. Any clue where to look?

Re: SSTP VPN between two MT routers

Posted: Fri Nov 02, 2018 4:13 pm
by tippenring
It seems to me there are details missing in your explanation. SSTP will transit NAT with no problem. You admit this when you say the PCs can ping Mikrotik 2.

Based on the information provided, I think there's something else going on unrelated to a NAT device in the middle.

/export hide-sensitive is your friend. Post your configs (munge your public IPs).