Page 1 of 1
Posted: Thu Nov 07, 2019 11:20 pm
How can I configure VPN passthrough on RB2011Ui.
I have VPN server and it works great when I connect from WAN, if want to connect from LAN it doesn’t want to connect.
VPN is standalone server not on mikrotik.
All I want is that VPN traffic is passthrough Mikrotik even if connection is made from LAN.
Posted: Fri Nov 08, 2019 12:07 pm
VPN type ?
Can you provide a simple diagram of the network?
Posted: Fri Nov 08, 2019 12:15 pm
Why don't you just resolve your VPN server to your private IP address (of the VPN server) instead of the public IP address? Or connect to the VPN server on (private) IP address? I assume this is only for testing purposes?
Posted: Fri Nov 08, 2019 5:05 pm
VPN is IKEv2 on Strongswan running debian. I want to enable vpn passthrough so I can have VPN connection enabled even when phones and laptops are in home network. Now I need to manually enable vpn every time I am outside of the office.
Mikrotik have IP 192.168.1.1
VPN server 192.168.1.5
Pool for VPN clients is 192.168.1.10 to 192.168.1.50
On Mikrotik is enabled port forwarding from eth1 to 192.168.1.5 on ports 500 and 4500.
On eth1 is modem.
Posted: Sat Nov 09, 2019 6:44 am
For getting the traffic to your VPN server beeing routed correct you need dstnat of your VPN ports to the address type local to your VPN server and also a srcnat masquerade of the outinterface of the bridge.
that should work
but the question is, why do you want to connect to your local VPN from the same local network, or is behind that VPN another network?
VPN you use to connect from the WAN with a secure channel to your private network!
Posted: Sat Nov 09, 2019 7:53 pm