Community discussions

MikroTik App
 
nunomflora
just joined
Topic Author
Posts: 3
Joined: Sat Apr 10, 2021 3:22 pm

Pass IPv4 from VPS To Other Router throw Tunnel

Wed Jan 19, 2022 7:20 pm

I need some help trying to configure the connection that I illustrate below can someone please give some help ?
Image
 
sindy
Forum Guru
Forum Guru
Posts: 10206
Joined: Mon Dec 04, 2017 9:19 pm

Re: Pass IPv4 from VPS To Other Router throw Tunnel

Wed Jan 19, 2022 8:46 pm

Read this first, then continue here with additional details and questions if necessary.
 
nunomflora
just joined
Topic Author
Posts: 3
Joined: Sat Apr 10, 2021 3:22 pm

Re: Pass IPv4 from VPS To Other Router throw Tunnel

Thu Jan 20, 2022 1:17 pm

First Thank you so much for the help.

Now I have managed to come up whit a config for the server site please tell me if I'm right ?

Server

/ppp secret add user=CHR2 password=Something local-address=10.0.0.1 remote-address=32.xx.xx.01
/interface l2tp-server server set allow-fast-path=yes default-profile="default" enable=yes ipsec-secret=Something \ max-mtu=1400 mrru=1600 use-ipsec=yes
/interface l2tp-server add name="l2tp-ON-CHR2" user=CHR2

/ip arp
add address=84.xx.xx.47 interface=ether1 published=yes
add address=84.xx.xx.48 interface=ether1 published=yes
add address=84.xx.xx.65 interface=ether1 published=yes
add address=84.xx.xx.66 interface=ether1 published=yes
add address=84.xx.xx.252 interface=ether1 published=yes

/ip route
add dst-address=84.xx.xx.47 gateway=l2tp-ON-CHR2
add dst-address=84.xx.xx.48 gateway=l2tp-ON-CHR2
add dst-address=84.xx.xx.65 gateway=l2tp-ON-CHR2
add dst-address=84.xx.xx.66 gateway=l2tp-ON-CHR2
add dst-address=84.xx.xx.252 gateway=l2tp-ON-CHR2

CHR2

/interface l2tp-client add add-default-route=yes allow-path=yes connect-to=213.xx.xx.105 disable=no ipsec-secret=Something mrru=1600 name=l2tp-out1 password=Something use-ipsec=yes User=CHR2
 
sindy
Forum Guru
Forum Guru
Posts: 10206
Joined: Mon Dec 04, 2017 9:19 pm

Re: Pass IPv4 from VPS To Other Router throw Tunnel

Fri Jan 21, 2022 5:07 pm

/ppp secret add user=CHR2 password=Something local-address=10.0.0.1 remote-address=32.xx.xx.01
local-address and remote-address are addresses to be assigned to the local (server) and remote (client) tunnel interfaces once a client matching this /ppp secret row connects. So I'm not sure whether CHR2 acting as L2TP client will accept its own public address to be assigned also to the l2tp-out1 interface. It may work, but is it really your intention? If the idea was to say that the client may only connect from 32.xx.xx.01, such a limitation cannot be configured.

/interface l2tp-client add add-default-route=yes allow-path=yes connect-to=213.xx.xx.105 disable=no ipsec-secret=Something mrru=1600 name=l2tp-out1 password=Something use-ipsec=yes User=CHR2
If you want CHR2 and everything connected to its LAN to send all traffic via CHR1, the default-route=yes setting is OK, but you have to set a dedicated route to 213.xx.xx.105/32 via the WAN gateway (32.xx.xx.yy).

Who is online

Users browsing this forum: No registered users and 39 guests