Community discussions

MUM Europe 2020
 
User avatar
matiaszon
Member
Member
Topic Author
Posts: 305
Joined: Mon Jul 09, 2012 9:26 am

L2TP with IPSec with access to only 1 specific IP in LAN

Fri Mar 24, 2017 3:30 pm

I have successfully established connection over L2TP/IPSec, but I can see all devices being in 192.168.88.0/24 network. I would like peers to have an access only to one specific IP, i.e. 192.168.88.100.

What is the quickest way to do so?

Thanks
 
nescafe2002
Long time Member
Long time Member
Posts: 637
Joined: Tue Aug 11, 2015 12:46 pm
Location: Netherlands

Re: L2TP with IPSec with access to only 1 specific IP in LAN

Fri Mar 24, 2017 3:33 pm

https://wiki.mikrotik.com/wiki/Manual:I ... all/Filter
MikroTik RouterOS has very powerful firewall implementation with features including:

stateful packet inspection
Layer-7 protocol detection
peer-to-peer protocols filtering
traffic classification by:
source MAC address
IP addresses (network or list) and address types (broadcast, local, multicast, unicast)
port or port range
IP protocols
protocol options (ICMP type and code fields, TCP flags, IP options and MSS)
interface the packet arrived from or left through
internal flow and connection marks
DSCP byte
packet content
rate at which packets arrive and sequence numbers
packet size
packet arrival time
and much more!
This page contains both documentation and some basic examples.
 
User avatar
matiaszon
Member
Member
Topic Author
Posts: 305
Joined: Mon Jul 09, 2012 9:26 am

Re: L2TP with IPSec with access to only 1 specific IP in LAN

Fri Mar 24, 2017 3:37 pm

Thanks for that.

It seems however I need to work more on VPN, as when I connect to the router it loses IPSec site-to-site tunnel with the other router. I need to modify connection... :(

Who is online

Users browsing this forum: No registered users and 95 guests