Yes, different ISPs (both have public, static IPs). Can ping them from outside.
OK, so wan1 has a fiber EPON that's in bridge mode, hence it is configured as PPPoE in the MikroTik and has a static IP from the ISP. On this one the VPN connects from outside.
wan2 has a modem that is not in bridge mode. This is also EPON, but PPPoE is already dialed in the modem itself. So the modem has DMZ and VPN port forwarding, which is enabled.
Both of them are public static IPs.
For example, I have a SQL database; on the wan2 modem I port forward that port to the MikroTik, and the MikroTik throws it at the server and I can connect to the database.
I have been trying to get the ISP to give me the username and password of the modem on wan2 so that I can put it in bridge mode and use wan2 as PPPoE, but the wan2 ISP has bad support.
You are actually doing "DMZ" port-forwarding on the modem to your Mikrotik router?
Yes, plus there is an option in the modem to allow VPN connections through to a given IP address; here I have given the IP address of the wan2 port of the MikroTik, and when I connect from outside I can see in the MikroTik that ph1 and ph2 are completed and established, but then it disconnects in a matter of 4 or 5 seconds every time.
But with wan1, which is PPPoE, it works well.
I suspect the modem is holding something.
This is a symptom of TCP and UDP being forwarded, but not the other protocols... 47 (GRE) and 50 (ESP) as examples.. TCP is protocol 6, ICMP is protocol 1, UDP is protocol 17..
There are many, many protocols and most times, DMZ only means TCP and UDP, there are simply no options in the gateways for the other protocols.
My first thought anyways..
Depending on your configuration, any NAT can/will break the VPN because the packets are changed as they are NAT'd.
Personally, I wouldn't hesitate to try and hack the modem/gateway to get the credentials, but I would never suggest someone else do that.. lol
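
Added example, not part of any post in this thread: a small Python classifier that reads the IPv4 protocol field of constructed sample packets and reports which ones a TCP/UDP-only DMZ would pass. The forwarding rule is the assumption from the reply above (the modem's actual behaviour is not confirmed), the function names are hypothetical, and the addresses are documentation ranges.

```python
import socket
import struct

# IP protocol numbers named in the thread
PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP", 47: "GRE", 50: "ESP"}
# Assumption: the modem's DMZ relays only TCP and UDP
DMZ_FORWARDED = {6, 17}

def build_ipv4(proto, payload=b"", src="198.51.100.10", dst="203.0.113.20"):
    """Build a minimal IPv4 packet (constructed sample, checksum left at 0)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         64, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
    return header + payload

def udp(sport, dport, data=b""):
    """Build a UDP header plus data (constructed sample, checksum left at 0)."""
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data

def classify(packet):
    """Return (label, forwarded_by_dmz) for one raw IPv4 packet."""
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes
    proto = packet[9]                     # IPv4 protocol field
    label = PROTO_NAMES.get(proto, f"proto-{proto}")
    if proto == 17 and len(packet) >= ihl + 4:
        sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
        if 500 in (sport, dport):
            label = "IKE (UDP/500)"       # phase 1 / phase 2 negotiation
        elif 4500 in (sport, dport):
            label = "NAT-T (UDP/4500)"    # ESP wrapped in UDP
    return label, proto in DMZ_FORWARDED

def survey(packets):
    """Classify a list of raw packets."""
    return [classify(p) for p in packets]

# Constructed traffic: negotiation, native ESP, NAT-T, GRE, plain TCP
SAMPLES = [
    build_ipv4(17, udp(500, 500)),
    build_ipv4(50, b"\x00" * 16),
    build_ipv4(17, udp(4500, 4500)),
    build_ipv4(47, b"\x00" * 4),
    build_ipv4(6, b"\x00" * 20),
]

if __name__ == "__main__":
    for label, forwarded in survey(SAMPLES):
        print(f"{label:18} {'forwarded' if forwarded else 'dropped at modem'}")
```

Under that assumption the IKE negotiation on UDP/500 gets through while native ESP (protocol 50) does not, which fits a tunnel that reports ph1 and ph2 established and then drops; a capture on the MikroTik's wan2 interface shows which of these packets actually arrive.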