Community discussions

MikroTik App
 
chribonn
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 61
Joined: Tue Mar 13, 2018 9:41 am
Location: Malta
Contact:

OVPN to VLAN

Wed Dec 14, 2022 6:11 pm

I have a 2 VLANS:
  • SOHO - VLAN 10
  • GUEST - VLAN 20
I have the following defined pools:
  • SOHO_POOL ranges=192.168.16.20-192.168.16.99
  • GUEST_POOL ranges=10.0.20.2-10.0.20.254
  • name=OVPN-pool ranges=192.168.34.100-192.168.34.200
From devices I manage to establish a connection to the Mikrotik; the remote device gets and IP Address 192.168.34.x.

I am blocked to access the SOHO devices.

How do I go about telling OVPN-pool deviced to work on SOHO VLAN?

More than happy to post my config.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11444
Joined: Thu Mar 03, 2016 10:23 pm

Re: OVPN to VLAN

Thu Dec 15, 2022 8:41 am

OVPN devices and SOHO devices are in different IP subnets. So it's all about routing and firewalling. You need to configure OVPN to instruct peers to pass traffic for SOHO subnet via OVPN tunnel (if OVPN doesn't request from clients to use tunnel as default route). Then configure firewalling on router to allow that traffic. And configure firewalling on SOHO devices to allow traffic from OVPN subnet.

There's nothing to be done on L2 (VLAN) configuration at all.
 
chribonn
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 61
Joined: Tue Mar 13, 2018 9:41 am
Location: Malta
Contact:

Re: OVPN to VLAN

Thu Dec 15, 2022 9:44 am

Thanks.

It makes more sence to provide from the same IP subnet.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11444
Joined: Thu Mar 03, 2016 10:23 pm

Re: OVPN to VLAN

Thu Dec 15, 2022 2:17 pm

If you want OVPN clients to use IP addresses from SOHO pool (so that SOHO LAN devices consider OVPN clients to be in same LAN), then you'll have to assign OVPN pool some addresses from SOHO subnet. And enable proxy ARP on relevant interfaces (OVPN, SOHO) so that router will answer to ARP requests from both sides.
 
chribonn
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 61
Joined: Tue Mar 13, 2018 9:41 am
Location: Malta
Contact:

Re: OVPN to VLAN

Thu Dec 15, 2022 5:59 pm

I've change the OVPN to supply from the same subnet.

Re the ARP setting can you please guide me on where the option is found.

I have the following in my existing config:
/interface vlan
add interface=BR1 name=GUEST_VLAN vlan-id=20
add arp=proxy-arp interface=BR1 name=SOHO_VLAN vlan-id=10

Who is online

Users browsing this forum: baragoon and 46 guests