Hello , i'm trying to setup my first Site to Site tunnel to connect 2 different LANs in different offices, both with static IPs internet connections.
My first attemp was using IPSEC tunnel but i encountered some problems so i'm trying now GRE with IPSEC security.
Everything looks fine with one exception:
i have setup my firewall using this guide
https://help.mikrotik.com/docs/display/ ... d+Firewall
The connection is block by the rule in /ip firewall raw section:
add action=drop chain=prerouting comment="defconf: drop the rest"
In fact if i disable this in both routers i can have traffic across the tunnel.
What should i add as RAW firewall rule to let trafic flow?
Re: GRE IPSEC Tunnel get blocked
Ok i found it myself:
chain=prerouting action=accept log=no log-prefix="" src-address=192.168.1.0/24 dst-address=192.168.0.0/24
chain=prerouting action=accept log=no log-prefix="" src-address=192.168.0.0/24 dst-address=192.168.1.0/24
on both routers on top of the list
chain=prerouting action=accept log=no log-prefix="" src-address=192.168.1.0/24 dst-address=192.168.0.0/24
chain=prerouting action=accept log=no log-prefix="" src-address=192.168.0.0/24 dst-address=192.168.1.0/24
on both routers on top of the list
Who is online
Users browsing this forum: No registered users and 93 guests