Page 1 of 1

VPN

Posted: Thu Nov 07, 2019 11:20 pm
by Mirela
How can I configure VPN passthrough on RB2011Ui.
I have VPN server and it works great when I connect from WAN, if want to connect from LAN it doesn’t want to connect.
VPN is standalone server not on mikrotik.
All I want is that VPN traffic is passthrough Mikrotik even if connection is made from LAN.

Thanks

Re: VPN

Posted: Fri Nov 08, 2019 12:07 pm
by Zacharias
VPN type ?
Can you provide a simple diagram of the network?

Re: VPN

Posted: Fri Nov 08, 2019 12:15 pm
by erlinden
Why don't you just resolve your VPN server to your private IP address (of the VPN server) instead of the public IP address? Or connect to the VPN server on (private) IP address? I assume this is only for testing purposes?

Re: VPN

Posted: Fri Nov 08, 2019 5:05 pm
by Mirela
Hi,

VPN is IKEv2 on Strongswan running debian. I want to enable vpn passthrough so I can have VPN connection enabled even when phones and laptops are in home network. Now I need to manually enable vpn every time I am outside of the office.

Mikrotik have IP 192.168.1.1
VPN server 192.168.1.5
Pool for VPN clients is 192.168.1.10 to 192.168.1.50
On Mikrotik is enabled port forwarding from eth1 to 192.168.1.5 on ports 500 and 4500.
On eth1 is modem.

Re: VPN

Posted: Sat Nov 09, 2019 6:44 am
by mf761
Hi,
For getting the traffic to your VPN server beeing routed correct you need dstnat of your VPN ports to the address type local to your VPN server and also a srcnat masquerade of the outinterface of the bridge.

that should work

but the question is, why do you want to connect to your local VPN from the same local network, or is behind that VPN another network?
VPN you use to connect from the WAN with a secure channel to your private network!

br
michael

Re: VPN

Posted: Sat Nov 09, 2019 7:53 pm
by gkk