Community discussions

 
chrisintaipei
newbie
Topic Author
Posts: 31
Joined: Fri Sep 21, 2012 1:04 pm

running VPN within VPN

Sun Sep 21, 2014 8:43 am

I'd like to run a SSTP session within a PPTP session.

Had a look at /ip route, doesn't look like there is a way doing it there. Had a look at mangle, perhaps that's where I can redirect the packets, but prerouting chain cannot use output interface as a condition. So I am out of ideas...

Anyone could give me a direction how to go about?
 
User avatar
NAB
Trainer
Trainer
Posts: 503
Joined: Tue Feb 10, 2009 4:08 pm
Location: UK
Contact:

Re: running VPN within VPN

Mon Sep 22, 2014 5:20 pm

Yes it's possible - Just route your SSTP tunnel down the PPTP interface.
Not sure I'd recommend it though!
Nicholas Barnes BSc(hons)
Certified Mikrotik Consultant
Certified Mikrotik Trainer

Vitell - Asterisk, Linux and network consultants
Unofficial IRC channel: #routerboard on irc.z.je
 
chrisintaipei
newbie
Topic Author
Posts: 31
Joined: Fri Sep 21, 2012 1:04 pm

Re: running VPN within VPN

Mon Sep 22, 2014 6:16 pm

Yes it's possible - Just route your SSTP tunnel down the PPTP interface.
Not sure I'd recommend it though!
Thanks for getting back to me~

in /IP route, gateway I select PPTP, but then how/where do I select SSTP tunnel?

or should this be done at other place?
 
User avatar
NAB
Trainer
Trainer
Posts: 503
Joined: Tue Feb 10, 2009 4:08 pm
Location: UK
Contact:

Re: running VPN within VPN

Tue Sep 23, 2014 10:50 am

Select it for what? You just make traffic to the SSTP end point route over the PPTP interface and then make all the other traffic route over the SSTP interface.
Nicholas Barnes BSc(hons)
Certified Mikrotik Consultant
Certified Mikrotik Trainer

Vitell - Asterisk, Linux and network consultants
Unofficial IRC channel: #routerboard on irc.z.je
 
hydroksyde
just joined
Posts: 16
Joined: Fri May 31, 2013 11:54 pm

Re: running VPN within VPN

Wed Sep 24, 2014 6:37 am

/ip route add dst-address=<pptp server IP> gateway=<your WAN interface or gateway IP>
/ip route add dst-address=<sstp server IP> gateway=<PPTP interface or remote IP>
/ip route add gateway=<SSTP interface or remote IP>

This would be the easiest way to do it without any mangle rules, if you aren't worried about other traffic to these IPs not going through the VPNs (assuming PPTP and SSTP are different IPs)

MTU settings may also need tweaking
 
chrisintaipei
newbie
Topic Author
Posts: 31
Joined: Fri Sep 21, 2012 1:04 pm

Re: running VPN within VPN

Wed Sep 24, 2014 1:01 pm

/ip route add dst-address=<pptp server IP> gateway=<your WAN interface or gateway IP>
/ip route add dst-address=<sstp server IP> gateway=<PPTP interface or remote IP>
/ip route add gateway=<SSTP interface or remote IP>

This would be the easiest way to do it without any mangle rules, if you aren't worried about other traffic to these IPs not going through the VPNs (assuming PPTP and SSTP are different IPs)

MTU settings may also need tweaking
without these CLI i think i could never figured it out by myself. really thank a lot~~

the pings are very unstable, could it because of MTU? if so, any suggestion of what i should try or read?

Who is online

Users browsing this forum: No registered users and 98 guests