Hello everyone
I want to access my router through winbox over the internet, so I setup a L2TP VPN on the router and wrote down the local IP that the VPN server gave the router and on the other device (on the internet), which is connected to the same VPN server and is within the same subnet trying to access the router with winbox but got the error that is saying the connection timed out.
P.S. I use the following rule in router /firewall nat and also I change the default winbox port.
Nat rule: add action=dst-nat chain=dstnat comment="Remote winbox" disabled=no dst-port=\
1111 log=yes log-prefix="Remote winbox" protocol=tcp to-addresses=\
192.168.88.1 to-ports=9999
I try to connect to router by using 192.168.5.6 (router IP on VPN server subnet):1111
-
-
gotsprings
Forum Guru
- Posts: 2118
- Joined:
Re: Access winbox remotely over VPN
If you got your VPN right... Nat is not involved with reaching winbox.
That would be an INPUT RULE matching the interface or subnet of your VPN CLIENT.
That would be an INPUT RULE matching the interface or subnet of your VPN CLIENT.
Re: Access winbox remotely over VPN
Hi,
ping is working, from VPN client to 192.168.5.6?
I think, NAT rule is good...
ping is working, from VPN client to 192.168.5.6?
I think, NAT rule is good...
Re: Access winbox remotely over VPN
Still the same even after adding the input rule for VPN interface.
Actually after adding the rule I got hit on the rule and packets count but still the same connection timed out error.
Actually after adding the rule I got hit on the rule and packets count but still the same connection timed out error.
Re: Access winbox remotely over VPN
@gamesif
No pinging the private IP address of the router on the VPN subnet is not working.
P.S. Both of my devices (router - windows) are clients of a VPN server that I don't have access to server (I think it's Nord).
No pinging the private IP address of the router on the VPN subnet is not working.
P.S. Both of my devices (router - windows) are clients of a VPN server that I don't have access to server (I think it's Nord).
Re: Access winbox remotely over VPN
There is no difference even when using /ip cloud
Re: Access winbox remotely over VPN
The side from which you want to connect with winbox, need to know two things from a routing aspect.
- routing 'internet access' to VPN provider IP address
- routing 'L2TP VPN access' to l2tp tunnel IP on this side
What shows?
(in Windows command prompt)
- routing 'internet access' to VPN provider IP address
- routing 'L2TP VPN access' to l2tp tunnel IP on this side
What shows?
(in Windows command prompt)
Code: Select all
route print
tracert 192.168.5.6
Re: Access winbox remotely over VPN
@gemesif
172.19.19.45 is the router I want to connect to. (was 192.168.5.6 but I change the VPN server so it's 172.19.19.45 now)
Here you go: with 172.19.19.45: with Mikrotik /ip cloud DDNS: with /ip cloud DDNS it's not connecting to winbox too, but I had the same setup some where else but with static public IP and I could easily connect to the router with winbox.
172.19.19.45 is the router I want to connect to. (was 192.168.5.6 but I change the VPN server so it's 172.19.19.45 now)
Here you go: with 172.19.19.45: with Mikrotik /ip cloud DDNS: with /ip cloud DDNS it's not connecting to winbox too, but I had the same setup some where else but with static public IP and I could easily connect to the router with winbox.
You do not have the required permissions to view the files attached to this post.
Re: Access winbox remotely over VPN
I think we need to find a solution in this direction:
https://docs.microsoft.com/en-us/window ... pn-routing
"Network routes are required for the stack to understand which interface to use for outbound traffic. One of the most important decision points for VPN configuration is whether you want to send all the data through VPN (force tunnel) or only some data through the VPN (split tunnel). This decision impacts the configuration and the capacity planning, as well as security expectations from the connection."
https://docs.microsoft.com/en-us/window ... pn-routing
"Network routes are required for the stack to understand which interface to use for outbound traffic. One of the most important decision points for VPN configuration is whether you want to send all the data through VPN (force tunnel) or only some data through the VPN (split tunnel). This decision impacts the configuration and the capacity planning, as well as security expectations from the connection."
Re: Access winbox remotely over VPN [SOLVED]
It was a problem with Nord VPN network.
Thank you guys
Thank you guys
Re: Access winbox remotely over VPN
Please explain me why you censore private IP addresses...
Is better you understand the differencies between public and private IP space...
Is better you understand the differencies between public and private IP space...
cmd code
C:\Users\RexTended>route print
===========================================================================
Elenco interfacce
13...08 60 6e 90 22 e4 ......Intel(R) 82579V Gigabit Network Connection
6...08 60 6e f2 d6 6a ......Intel(R) 82574L Gigabit Network Connection
1...........................Software Loopback Interface 1
===========================================================================
IPv4 Tabella route
===========================================================================
Route attive:
Indirizzo rete Mask Gateway Interfaccia Metrica
0.0.0.0 0.0.0.0 192.168.11.254 192.168.11.11 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.11.0 255.255.255.0 On-link 192.168.11.11 281
192.168.11.11 255.255.255.255 On-link 192.168.11.11 281
192.168.11.255 255.255.255.255 On-link 192.168.11.11 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.11.11 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.11.11 281
===========================================================================
Route permanenti:
Nessuna