Community discussions

MikroTik App
 
thund3r
just joined
Topic Author
Posts: 6
Joined: Wed Feb 18, 2015 11:11 pm

Route trafic of the instance to OpenVPN using new routing mark

Tue Mar 01, 2022 10:45 pm

Hello team!
I need to route traffic from one PC in my net with static IP to OpenVPN server Debian based in a different network. But I can't understand how to work with new routing marks.
Can you help me, please?

RouterOS: 7.1.1
My pubic IP: 3.3.8.3
OpenVPN server: 5.3.28.2
OpenVPN private network: 192.168.188.1/24


> interface/ovpn-client/print
Flags: X - disabled; R - running 
 0    name="vpn" mac-address=0:52:D3:19:E7:44 max-mtu=1500 
      connect-to=5.3.28.2 port=1194 mode=ip protocol=tcp user="openvpn" 
      password="" profile=default certificate=mikrotik 
      verify-server-certificate=no tls-version=any auth=sha1 cipher=blowfish128 
      use-peer-dns=yes add-default-route=no
      

> routing/table/print
Flags: D - dynamic; X - disabled, I - invalid; U - used 
 0 D   name="main" fib 
 1     name="vpn" fib 

> ip/firewall/address-list/print
Columns: LIST, ADDRESS, CREATION-TIME
# LIST  ADDRESS      CREATION-TIME       
0 mypc   172.16.1.99  feb/28/2022 20:25:58

> ip/firewall/nat/print
Flags: X - disabled, I - invalid; D - dynamic 
 0    ;;; defconf: masquerade
      chain=srcnat action=masquerade out-interface-list=WAN log=no 
      log-prefix="" ipsec-policy=out,none 
 1 I  ;;; 
      chain=srcnat action=masquerade src-address-list=mypc out-interface=vpn 
      log=no log-prefix="" 

> ip/firewall/mangle/print
Flags: X - disabled, I - invalid; D - dynamic 
 0  D ;;; special dummy rule to show fasttrack counters
      chain=prerouting action=passthrough 
 1  D ;;; special dummy rule to show fasttrack counters
      chain=forward action=passthrough 
 2  D ;;; special dummy rule to show fasttrack counters
      chain=postrouting action=passthrough 
 3    chain=prerouting action=mark-routing new-routing-mark=vpn passthrough=yes 
      src-address-list=mypc log=no log-prefix=""

> ip/route/print
Flags: D - DYNAMIC; X, I, A - ACTIVE; c, s, d, y - COPY
Columns: DST-ADDRESS, GATEWAY, DISTANCE
#     DST-ADDRESS       GATEWAY          DISTANCE
DAd 0.0.0.0/0         3.3.8.3          2
As 0.0.0.0/0         192.168.188.1           1
  DAc 3.3.8.0/23  ether1                  0
  DAc 172.16.1.0/24     bridge                  0
  DAc 192.168.188.0/24 vpn                     0

I tried like this:
 ip route add dst-address=0.0.0.0/0 gateway=192.168.188.1@vpn
 

Who is online

Users browsing this forum: No registered users and 18 guests