Community discussions

MikroTik App
 
eaf
just joined
Topic Author
Posts: 3
Joined: Tue Apr 19, 2022 10:20 pm

VPN Access in Quick Set leaves ESP traffic filtered

Tue Apr 19, 2022 10:30 pm

Hi,

Please help me understand one thing.

There is this convenient "VPN Access" checkbox in Quick Set tab of RB750Gr3 that preconfigures a bunch of settings for VPN access (It sets up PPP user/password, L2TP Server, IPSec Identities with preshared keys, even NAT rules for connections from PPP 192.168.89.0/24 as well as Firewall filtering rules for ports like 4500, 500, or 1701).

But what the quick "VPN Access" checkbox apparently does NOT set up is a rule like "add action=accept chain=input protocol=ipsec-esp", which would allow L2TP sessions to be established. Unless I add this rule before the all denying "add action=drop chain=input in-interface-list=!LAN", I can't authenticate from my Mac over WAN.

Is this an overlook, a deliberate security feature, or am I missing something big here and instead of trying to fix my Mac VPN issues with allowing ipsec-esp on the WAN port I should've done something else?

Thanks!
 
kevinds
Long time Member
Long time Member
Posts: 642
Joined: Wed Jan 14, 2015 8:41 am

Re: VPN Access in Quick Set leaves ESP traffic filtered

Tue May 24, 2022 5:04 am

My suggestion is not to use QuickSet.. It helps but doesn't set all the configuration that it should.

Who is online

Users browsing this forum: No registered users and 18 guests