Community discussions

MikroTik App
 
OrestisG
just joined
Topic Author
Posts: 2
Joined: Fri Mar 05, 2021 10:01 am

IKEv2 client - to - site and site - to - site

Fri Mar 05, 2021 10:13 am

Hello everyone!
I've set up a MikroTik RB4011iGS+5HacQ2HnD-IN (v6.48.1), with an IKE v2 site-to-site tunnel to a remote site running pfSense. In addition, a second IKE v2 VPN is used for remote users to access the Mikrotik's LAN. The Mikrotik board uses PPPoE, as does the pfSense one. The subnets are the following:

MIkrotik LAN: 192.168.88.0/24
pfSense LAN: 192.168.0.0/24
VPN pool: 192.168.89.0/24

Connectivity between the two LANs is fine, as is between the VPN clients and the Mikrotik LAN. What I can't seem to fix is the connectivity between the VPN clients (192.168.89.0/24) and the pfSense LAN. It seems that the VPN client's requests are routed throught the PPPoE interface, instead of going through the tunnel. So far I've tried split tunnelling (which completely messes up the clients' routing), as well as setting up a second IPSec phase2 policy, creating a tunnel between the 89 subnet and the 0 subnet. The tunnel comes up, but no packets from the 89 subnet are routed through it.

I am a Mikrotik newbie, so I may be missing something very obvious, so all ideas are welcome.
 
OrestisG
just joined
Topic Author
Posts: 2
Joined: Fri Mar 05, 2021 10:01 am

Re: IKEv2 client - to - site and site - to - site  [SOLVED]

Wed Mar 10, 2021 1:59 pm

It turns out that it was something simple! I had to enable the "Request an Inner IP address" option in my client's vpn settings (Ubuntu network manager), otherwise the client was being identified by its LAN address, which had nothing to do with the VPN pool.
 
alextorresg
just joined
Posts: 3
Joined: Mon Nov 05, 2018 6:37 am

Re: IKEv2 client - to - site and site - to - site

Thu Apr 08, 2021 12:16 am

Hi, I tried to setup a similar configuration (Mikrotik - PFsense IKEv2 site to site) without successful

Did you follow some guide? or could you help me with some tips configurations?

Thanks.

Who is online

Users browsing this forum: Ahrefs [Bot], Briancer, gigabyte091, Google [Bot], GoogleOther [Bot] and 56 guests