I acquired a new hAP MikroTik board. I want to use this in another location, to provide internet to small Wi-Fi devices, tablets specifically.
On the hAP device, I configured a WAN connection, which works fine when connecting Wi-Fi devices. I successfully created a NAT masquerade rule for traffic to WAN. I added an L2TP-Client connection to the main router (UniFi), and the connection is successfully established. However, when I try to connect through WinBox or send a ping from the main network, the MikroTik device receives the packets but does not route the response to the L2TP connection correctly.
Code:
/interface bridge
add admin-mac=** auto-mac=no comment=defconf name=bridge
/interface l2tp-client
add connect-to=*** disabled=no ipsec-secret=*** name="L2TP - NET" password="***" use-ipsec=yes user=***
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=10.61.10.1/28 comment=defconf interface=bridge network=10.61.10.0
add address=172.30.0.0/23 comment="LAN Address" interface="L2TP - NET" network=172.30.0.0
add address=10.60.10.0/27 comment="L2TP VPN Address" interface="L2TP - NET" network=10.60.10.0
/ip firewall filter
add action=accept chain=input comment="Enable ICMP" in-interface="L2TP - NET" protocol=icmp
add action=accept chain=input comment=WinBox dst-port=8291,80 in-interface="L2TP - NET" protocol=tcp
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN