I need to route traffic from one PC in my net with static IP to OpenVPN server Debian based in a different network. But I can't understand how to work with new routing marks.
Can you help me, please?
RouterOS: 7.1.1
My pubic IP: 3.3.8.3
OpenVPN server: 5.3.28.2
OpenVPN private network: 192.168.188.1/24
> interface/ovpn-client/print
Code: Select all
Flags: X - disabled; R - running
0 name="vpn" mac-address=0:52:D3:19:E7:44 max-mtu=1500
connect-to=5.3.28.2 port=1194 mode=ip protocol=tcp user="openvpn"
password="" profile=default certificate=mikrotik
verify-server-certificate=no tls-version=any auth=sha1 cipher=blowfish128
use-peer-dns=yes add-default-route=no
> routing/table/print
Code: Select all
Flags: D - dynamic; X - disabled, I - invalid; U - used
0 D name="main" fib
1 name="vpn" fib
> ip/firewall/address-list/print
Code: Select all
Columns: LIST, ADDRESS, CREATION-TIME
# LIST ADDRESS CREATION-TIME
0 mypc 172.16.1.99 feb/28/2022 20:25:58
> ip/firewall/nat/print
Code: Select all
Flags: X - disabled, I - invalid; D - dynamic
0 ;;; defconf: masquerade
chain=srcnat action=masquerade out-interface-list=WAN log=no
log-prefix="" ipsec-policy=out,none
1 I ;;;
chain=srcnat action=masquerade src-address-list=mypc out-interface=vpn
log=no log-prefix=""
> ip/firewall/mangle/print
Code: Select all
Flags: X - disabled, I - invalid; D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=prerouting action=passthrough
1 D ;;; special dummy rule to show fasttrack counters
chain=forward action=passthrough
2 D ;;; special dummy rule to show fasttrack counters
chain=postrouting action=passthrough
3 chain=prerouting action=mark-routing new-routing-mark=vpn passthrough=yes
src-address-list=mypc log=no log-prefix=""
> ip/route/print
Code: Select all
Flags: D - DYNAMIC; X, I, A - ACTIVE; c, s, d, y - COPY
Columns: DST-ADDRESS, GATEWAY, DISTANCE
# DST-ADDRESS GATEWAY DISTANCE
DAd 0.0.0.0/0 3.3.8.3 2
As 0.0.0.0/0 192.168.188.1 1
DAc 3.3.8.0/23 ether1 0
DAc 172.16.1.0/24 bridge 0
DAc 192.168.188.0/24 vpn 0
I tried like this:
Code: Select all
ip route add dst-address=0.0.0.0/0 gateway=192.168.188.1@vpn