bvladan
just joined
Topic Author
Posts: 10
Joined: Sun Dec 30, 2012 8:46 pm
Location: Montenegro, Podgorica

two wan, l2tp on wan2 (routing problem)

Sun Jan 13, 2013 11:19 pm

Hi all,

I have two internet (WAN) connections on mtk. The default route is on wan1, and the LAN goes to the internet through the wan1 interface.
I have a public static IP address on WAN2, and I use it only for IPSEC connections. I would also like to accept l2tp clients (with ipsec) on the wan2 interface, but no success yet.
This only works when I manually put the dst-address of the remote l2tp client in ip routes and choose the wan2 interface as the gateway. The remote l2tp client does not have a static IP, and that is a problem for me. I also tried to mark incoming connections on the wan2 interface and then mark routing for them to a static route with that routing mark, but no success.

Any idea? Please help :)

Regards.
 
cbrown
Trainer
Posts: 1840
Joined: Thu Oct 14, 2010 8:57 pm

Re: two wan, l2tp on wan2 (routing problem)

Mon Jan 14, 2013 4:41 pm

You need to set up policy routing so that connections coming in WAN2 go back out WAN2 and not out WAN1.

http://wiki.mikrotik.com/wiki/Manual:PCC#Policy_routing
C.Brown

cbrown[at]ravenrocknetworks.com
MTCNA - MTCRE - MTCWE - MTCTCE
MTCSE - TRAINER-0179
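
The policy routing described in the reply above, written out as an added example (not part of cbrown's post): connections that reach the router on WAN2 get a connection mark, and the router's own replies on those connections get a routing mark that selects a WAN2-only default route. It uses RouterOS v5/v6 syntax; the interface name `wan2`, the mark names `wan2_conn` and `to_wan2`, and the gateway `203.0.113.1` are placeholders to replace with your own values.

```routeros
# Added example. wan2, wan2_conn, to_wan2 and 203.0.113.1 are placeholders.
/ip firewall mangle
# 1. Tag every new connection that arrives at the router itself on wan2.
add chain=input in-interface=wan2 connection-mark=no-mark \
    action=mark-connection new-connection-mark=wan2_conn passthrough=yes
# 2. Log router-originated packets that belong to a tagged connection,
#    so you can see whether replies are matched at all.
add chain=output connection-mark=wan2_conn action=log log-prefix="wan2-reply"
# 3. Give those reply packets a routing mark.
add chain=output connection-mark=wan2_conn \
    action=mark-routing new-routing-mark=to_wan2 passthrough=no

/ip route
# 4. Default route used only by packets carrying the to_wan2 routing mark.
add dst-address=0.0.0.0/0 gateway=203.0.113.1 routing-mark=to_wan2 distance=1
```

If the log rule in step 2 never fires for a test client, the router's replies are not being associated with the marked connection, and the routing mark in step 3 is never applied to them.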
 
zalexp
just joined
Posts: 10
Joined: Thu Jul 19, 2012 12:47 pm
Location: Russia, Stavropol

Re: two wan, l2tp on wan2 (routing problem)

Thu Jan 17, 2013 9:46 am

Same problem. I have multiple WANs and want to use each as an l2tp/ipsec server. I am using pcc for marking incoming connections. I have tested with an external client on Windows using log rules in mangle and found that after the first l2tp packet from the client (incoming connection marked by pcc both-address), the l2tp server on the mikrotik replies on the first interface (it seems that it initiates a new connection using the first routable interface), so the connection drops.
Is this a bug, or does l2tp/ipsec work that way (initiating a new connection of its own from the server)?
Does anybody have a good sequence diagram of how l2tp/ipsec works?
 
Rockyboa
Frequent Visitor
Posts: 85
Joined: Tue Jul 14, 2009 10:52 pm

Re: two wan, l2tp on wan2 (routing problem)

Tue Mar 26, 2013 3:53 pm

Same issue here; even building a route for the remote IP doesn't solve it, the tunnel will always instantiate from the default route. Whatever the routing mark is, it goes over the WAN with the lowest metric and no mark.
 
cepg
just joined
Posts: 4
Joined: Sat Aug 28, 2010 11:40 pm

Re: two wan, l2tp on wan2 (routing problem)

Sat Aug 31, 2013 3:23 pm

I confirm the issue. I also want to say that not only the L2TP service, but obviously all the other Mikrotik services (NTP client, DNS client, etc.) also ignore the routing mark and always go to the default route with the lowest metric.

I have Mikrotik 5.20
Last edited by cepg on Sat Aug 31, 2013 3:42 pm, edited 1 time in total.
 
bysard
Member Candidate
Posts: 295
Joined: Thu Apr 22, 2010 2:53 pm

Re: two wan, l2tp on wan2 (routing problem)

Sat Aug 31, 2013 3:30 pm

I'm seeing a similar problem in 6.2 - First UDP packet received is all I get on L2TP. It spams the same line over and over again. Downgrading to 5.25 eliminates this error and L2TP is working again. PPTP works OK on 6.2. I'm seeing this on an RB1100AHx2.
