Community discussions

MikroTik App
 
User avatar
ljb
just joined
Topic Author
Posts: 16
Joined: Mon Feb 28, 2022 9:39 pm

No ICMP route from container to VPN connections

Mon May 22, 2023 1:13 pm

I have a DC hosted and licensed CHR with VPN connections to remote locations for monitoring.

Having my nose deep in Mikrotik's youtube channel and others I dicovered that I can make use of a fancy interface for monitoring uptime through a dynamic web page. This ultimately lives in a container.

The container is attached to a bridge called dockers and marked as a LAN interface with its own private IP range as 10.0.4.0/24. VPN clients are handed an IP address in the 10.0.5.0/24 range. When I ping any of the VPN clients from the ping tool in Winbox I am getting a ping reply without trouble and netwatch provides the same level of reliability.

To accommodate ICMP from dockers bridge to VPN IP address range I have added the following rules to no success:
/interface/list/member/add list=LAN interface=docker
/interface/list/member/add list=LAN interface=ppp-alpha-002-internal
/ip/firewall/filter/ add chain=forward src-address=10.0.7.0/24 dst-address=10.0.5.0/24 protocol=ICMP action=accept
/ip/firewall/filter/ add chain=forward src-address=10.0.5.0/24 dst-address=10.0.7.0/24 protocol=ICMP action=accept
What am I missing?

Any help is greatly appreciated

LJB
 
User avatar
ljb
just joined
Topic Author
Posts: 16
Joined: Mon Feb 28, 2022 9:39 pm

Re: No ICMP route from container to VPN connections

Mon May 22, 2023 4:31 pm

I figured what was missing. Masquerade rule is the answer.

Who is online

Users browsing this forum: BinaryTB and 69 guests