Community discussions

MikroTik App
just joined
Topic Author
Posts: 13
Joined: Mon Feb 04, 2019 2:53 pm

Connect to my routers IP itself via OVPN ethernet mode

Wed Feb 10, 2021 10:18 pm

I want to connect via OVPN to my network. I use Ethernet-Mode to get a L2-Connection for simple access to some machines inside.

It still works for all machines behind, if I want to talk to them adressing them by IP or MAC - just the routerboard running the OVPN-Server fails connecting by IP. Connection by MAC works.
If I try the routerboard in the network - I can connect them all by winbox.exe using IP or MAC. Only the one my tunnel ends I only have the possibility to talk to by MAC. What can I do to get the connection by IP?

Here my config on that router:
# feb/10/2021 19:42:57 by RouterOS 6.48
# model = RBD52G-5HacD2HnD
/interface bridge
add frame-types=admit-only-vlan-tagged name=bridge1 pvid=101 vlan-filtering=\
/interface ethernet
set [ find default-name=ether1 ] name=ether1LAG_uplink
set [ find default-name=ether2 ] name=ether2LAG_uplink
set [ find default-name=ether3 ] name=ether3_Stromregelung
set [ find default-name=ether4 ] name=ether4
/interface wireless
# managed by CAPsMAN
# channel: 2462/20/gn(20dBm), SSID: KnightWLAN, local forwarding
set [ find default-name=wlan1 ] antenna-gain=0 country=no_country_set \
    disabled=no frequency-mode=manual-txpower name=wlan2G ssid=MikroTik \
# managed by CAPsMAN
# channel: 5180/20-Ce/ac/P(23dBm), SSID: KnightWLAN, local forwarding
set [ find default-name=wlan2 ] antenna-gain=0 country=no_country_set \
    disabled=no frequency-mode=manual-txpower name=wlan5G ssid=MikroTik \
/interface ovpn-server
add name=ovpn-DLT user=DLT
add name=ovpn-DPC user=DPC
/interface vlan
add interface=bridge1 name=vlan101Main vlan-id=101
add interface=bridge1 name=vlan102Kids vlan-id=102
add interface=bridge1 name=vlan103Teens vlan-id=103
add interface=bridge1 name=vlan201Einrichter vlan-id=201
/interface bonding
add arp-ip-targets= link-monitoring=none mode=802.3ad name=\
    LAG1uplink slaves=ether1LAG_uplink,ether2LAG_uplink transmit-hash-policy=\
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=OVPN ranges=
/ppp profile
add dns-server= local-address= name=RoadWarrior \
    remote-address=OVPN use-compression=no use-encryption=required use-ipv6=\
    no wins-server=
/interface bridge port
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged \
    interface=ether3_Stromregelung pvid=201
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged \
    interface=ether4 pvid=101
add bridge=bridge1 interface=ether5 pvid=101
add bridge=bridge1 frame-types=admit-only-vlan-tagged ingress-filtering=yes \
    interface=LAG1uplink pvid=101
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged \
    interface=ovpn-DLT pvid=101
/interface bridge vlan
add bridge=bridge1 tagged=bridge1,wlan2G,wlan5G,*1B,*1F,LAG1uplink untagged=\
    ether4,ether5,vlan101Main,ovpn-DLT vlan-ids=101
add bridge=bridge1 tagged=*19,*1D,LAG1uplink untagged=vlan102Kids vlan-ids=\
add bridge=bridge1 tagged=*1A,*1E,LAG1uplink untagged=vlan103Teens vlan-ids=\
add bridge=bridge1 tagged=*1C,*20,LAG1uplink untagged=\
    vlan201Einrichter,ether3_Stromregelung vlan-ids=201
/interface ovpn-server server
set auth=sha1 certificate=server.crt_0 cipher=aes256 default-profile=\
    RoadWarrior enabled=yes mode=ethernet netmask=22 \
/interface wireless cap
set bridge=bridge1 caps-man-addresses= caps-man-names=LANRouter \
    certificate=request discovery-interfaces=vlan101Main enabled=yes \
/ip address
add address= interface=vlan101Main network=
/ip dns
set servers=,
/ip route
add check-gateway=ping distance=1 gateway=
add distance=1 dst-address= gateway=vlan101Main
/ipv6 nd
set [ find default=yes ] advertise-dns=no
/ppp secret
add local-address= name=DLT profile=RoadWarrior
add name=DPC profile=RoadWarrior
/system clock
set time-zone-name=Europe/Berlin
/system identity
set name=APSw
/system ntp client
set enabled=yes primary-ntp= secondary-ntp=

and the client:
# Bridged mode!

dev tap
proto tcp-client

remote 8080 # Remote OpenVPN Servername or IP address

ca   keys/rootca.crt
cert keys/client2.crt
key  keys/client2.pem


#comp-lzo # Do not use compression. It doesn't work with RouterOS (at least up to RouterOS 3.0rc9)

# More reliable detection when a system loses its connection.
ping 15
#ping-restart 45
verb 3

cipher AES-256-CBC
auth SHA1

auth-user-pass auth.cfg

dhcp-option DNS
dhcp-option WINS
redirect-gateway def1

Any idea?
just joined
Topic Author
Posts: 13
Joined: Mon Feb 04, 2019 2:53 pm

Re: Connect to my routers IP itself via OVPN ethernet mode

Sun Feb 21, 2021 4:15 pm

Maybe it's a dumb question, but can anyone explain this behavior to me?

Who is online

Users browsing this forum: ak4020, Egate, mustnass, nickrod50 and 157 guests