Community discussions

MikroTik App
 
felipefonsecabh
just joined
Topic Author
Posts: 4
Joined: Wed May 20, 2020 9:57 pm
Location: Brazil

Mikrotik as OpenVPN Server

Mon Jun 29, 2020 3:15 am

Hi Guys!
I configured a mikrotik to act as OpenVPN server, and it has VPN connections with several others offices. The system architecture is shown below:
image1.png
I can make the connection and i can ping the devices in main office. But i can't ping devices in other offices.
I've tried to create masquerades in several configuration forms, but i can't make the access works.
I attached images of some tried configurations.

Anyone have an idea which configuration is missing? I have to make changes in remote offices?
I don't have much experience with mikrotik.

Thanks a lot!
You do not have the required permissions to view the files attached to this post.
 
angriukas
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Fri Nov 22, 2013 9:20 am
Contact:

Re: Mikrotik as OpenVPN Server

Mon Jun 29, 2020 4:32 pm

I can only guess:
Notebook "do not knows" about networks of Office 1,2,3, all of packets from notebook for example to 192.168.40.0/24 are forwarded to internet.
Add to the .ovpn file needed subnets:

route 192.168.20 255.255.255.0
route 192.168.30 255.255.255.0
route 192.168.40 255.255.255.0
 
felipefonsecabh
just joined
Topic Author
Posts: 4
Joined: Wed May 20, 2020 9:57 pm
Location: Brazil

Re: Mikrotik as OpenVPN Server

Tue Jun 30, 2020 2:44 am

Hi.
This suggestion doesn't work.. I've attached my .ovpn file.
Is there any configuration i can do?

Thanks a lot!
You do not have the required permissions to view the files attached to this post.
 
MickeyT
just joined
Posts: 1
Joined: Tue Feb 18, 2020 7:06 am

Re: Mikrotik as OpenVPN Server

Tue Jun 30, 2020 3:58 am

From my experience setting up both SSTP and OpenVPN on a MikroTik I found that you need to change the Bridge ARP setting to proxy-arp to allow ping etc. to work (also required to allow RDP sessions).
 
angriukas
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Fri Nov 22, 2013 9:20 am
Contact:

Re: Mikrotik as OpenVPN Server

Tue Jun 30, 2020 6:45 pm

Here is similar case to your situation:
https://mum.mikrotik.com/presentations/ ... 726768.pdf

Check does ip->routes contains needed routes.
Try to add firewall rules in forward chain to allow packets between 192.168.81.0/24 and 192.168.20.0/24, 192.168.30.0/24, 192.168.40.0/24. Move those rules to the top.
Ensure packets from notebook are routed via VPN (I mean - not via internet), from notebook try following command, use real IP on destination network:
tracert -d 192.168.20.X

Who is online

Users browsing this forum: bpwl, sutrus and 77 guests