Community discussions

MikroTik App
 
SergioGalo
just joined
Topic Author
Posts: 7
Joined: Tue May 10, 2022 9:53 am
Location: Europe

Subnets and IPSEC

Tue May 10, 2022 10:01 am

Hi

I have 3 subnet.

In the ccr1036
172.16.0.0/24 Local1
172.16.1.0/25 Local Servers
In cloud
172.16.10.128/25 Cloud servers conected by IPSEC with 172.16.1.0/25.

I can ping and use the VPN between 10.125/25 and 1.0/25 subnets

How can I put a rule to conect 172.16.0.0/24 whit 172.16.1.0/25?
 
rbuserdl
Member Candidate
Member Candidate
Posts: 270
Joined: Thu Mar 22, 2018 1:53 pm

Re: Subnets and IPSEC

Thu May 12, 2022 11:53 pm

Hello Sergio,

172.16.0.0/24 and 172.16.1.0/25 subnets are both connected to phisical interfaces in the CCR?
In this case, if you configured an IP in each subnet in CCR, you should have a "Connected" route to each subnet, so you should not need any additional route
By default, all filter rules does not drop packet from different LAN interfaces
If an specific traffic does not match any rule, this will be allowed (It is the default behavior)
In case you have rules to block traffic comming from WAN interface list, check that these interfaces are not in the Interface list
If not, check the rules you have
If you still dont know, you coud run "ip firewall filter export" in a terminal and copy the output here, hidding sensitive information

Regards,
Damián

Who is online

Users browsing this forum: AtomikRoach, Bing [Bot] and 39 guests