Remote Access & Port Forward Over L2TP

Posted: Fri Sep 06, 2019 12:42 am
by ingdaka
I have a scenario like in the picture:

Image

R1 has a public IP and is configured as L2TP server! R2 has just internet over NAT and is configured as L2TP client! Both routers have full routing tables to know each other's routes. R2 has a CCTV system connected. I can access this system from R1 LAN. Also there are some other routers connected to R1 with L2TP that have routes to go to R2; from their LAN I can access the CCTV system too!

But I want to access this system from the WAN side, so I created a port forward rule on R1 from the WAN IP to the CCTV system IP. I can see traffic pass the router but cannot access the CCTV system.

Any idea if it should work...

Re: Remote Access & Port Forward Over L2TP  [SOLVED]

Posted: Fri Sep 06, 2019 1:24 am
by Sob
If you configure everything properly, it should work. The main part is making sure that R2 routes response packets from CCTV back to R1 via tunnel, and doesn't try to send them directly to client's address. So mark incoming connections from tunnel and then mark routing for replies to go back to tunnel.

Re: Remote Access & Port Forward Over L2TP

Posted: Fri Sep 06, 2019 1:26 am
by CZFan
You might have to do some src NATing on the R1 side for the WAN client in order for the other side to return packets via R1.

Re: Remote Access & Port Forward Over L2TP

Posted: Fri Sep 06, 2019 3:59 am
by Sob
Or that. But unless R2 is something limited (so not with RouterOS or any other advanced enough system), it can be done without it.

Re: Remote Access & Port Forward Over L2TP

Posted: Tue Sep 10, 2019 10:17 pm
by ingdaka
Just got it! I had to create a mangle rule to routing-mark the traffic of my camera, set a default route for this marked traffic, and set my VPN interface as the exit interface!
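
The setup discussed in this thread, as an added example that is not taken from any poster's message or configuration: the port forward on R1, the connection-mark and routing-mark rules on R2, and the src-nat alternative. It assumes RouterOS v6 syntax; every interface name, address and port is constructed for illustration.

```routeros
# Added example, RouterOS v6 syntax. Constructed values (assumptions):
#   R1 WAN interface: ether1     R1 L2TP server binding toward R2: l2tp-r2
#   R2 L2TP client:   l2tp-out1  R2 LAN interface: bridge
#   CCTV system: 192.168.2.10, service port 80, published on R1 WAN port 8080

# --- R1 (L2TP server, public IP): forward the WAN port to the CCTV system ---
/ip firewall nat
add chain=dstnat in-interface=ether1 protocol=tcp dst-port=8080 \
    action=dst-nat to-addresses=192.168.2.10 to-ports=80 \
    comment="WAN -> CCTV behind R2"

# --- R2 (L2TP client behind NAT): return replies through the tunnel ---
/ip firewall mangle
# 1. Tag every new connection that arrives from the tunnel.
add chain=prerouting in-interface=l2tp-out1 connection-state=new \
    action=mark-connection new-connection-mark=from-tunnel passthrough=yes
# 2. Packets coming back from the LAN on a tagged connection get a routing
#    mark, so they do not follow R2's normal default route to its own NAT.
add chain=prerouting in-interface=bridge connection-mark=from-tunnel \
    action=mark-routing new-routing-mark=via-tunnel passthrough=no

# 3. Default route used only by traffic carrying that routing mark.
/ip route
add dst-address=0.0.0.0/0 gateway=l2tp-out1 routing-mark=via-tunnel

# --- Alternative on R1 (the src-nat approach), instead of the R2 rules ---
# R2 then sees R1's tunnel address as the source and its ordinary route
# back to R1 is enough.
# /ip firewall nat
# add chain=srcnat out-interface=l2tp-r2 dst-address=192.168.2.10 \
#     protocol=tcp dst-port=80 action=masquerade
```

With the src-nat variant the CCTV system records every WAN client as R1's tunnel address, so the mangle variant is the one that keeps real client addresses in the CCTV system's access logs.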