I would like my SSTP server to be in a separate VRF. Current issue is, that during the connection process, packets get sent to the client through the default route of the main routing table but the VRF which is supposed to be there for the SSTP clients, has a separate default route. Is that possible with 6.48.6? I read somewhere something about 7.x fixing stuff like that but I'm not sure.
Routing looks like this:
Code: Select all
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
0 A S dst-address=0.0.0.0/0 pref-src=192.168.31.45 gateway=192.168.31.46 gateway-status=192.168.31.46 on SSTP_VRF reachable via SSTP-VLAN-INTERFACE distance=1 scope=30 target-scope=10
routing-mark=SSTP_VRF
4 A S dst-address=0.0.0.0/0 pref-src=192.168.31.25 gateway=192.168.31.26 gateway-status=192.168.31.26 reachable via L7FW-VLAN-INTERFACE check-gateway=ping distance=1 scope=30
target-scope=10
5 S dst-address=0.0.0.0/0 pref-src=192.168.25.252 gateway=10.200.25.1 gateway-status=10.200.25.1 reachable via ether1 check-gateway=ping distance=10 scope=30 target-scope=10
ID 4 is the default route for outgoing traffic for everything coming from the LAN, traffic is being routed through a L7 firewall for AV scanning and stuff
ID 5 is a fallback default route, if the L7 firewall from ID 4 is unreachable
so again, to sum it up, SSTP client connections are coming in through the interface ip 192.168.31.45 of the MikroTik router, but responses are routed through the default route ID 4 instead of ID 0.
I expected, because 192.168.31.45 is part of a separate VRF, that the default route of that VRF (ID 0) would be taken into account.
Thanks for your help