Community discussions

MikroTik App
 
randomname
just joined
Topic Author
Posts: 3
Joined: Wed Jun 08, 2022 10:47 pm

Manage router via VPN

Wed Jun 08, 2022 10:56 pm

Hello,

I just configured an IPSec VPN on my Mikrotik (RB4011iGS+). Everything seems to be working fine except one thing. When connected via VPN I am not able to reach the web interface of Mikrotik also the android app refuses the connection. However I'm able to ping the router IP 192.168.88.1.

I have checked the firewall which doesn't seem to be blocking this. Also IP > Services > www & www-ssl has configured available from as "0.0.0.0/0".

Am I missing something else or should I have a look again at the firewall or something else?
 
tdw
Forum Guru
Forum Guru
Posts: 1843
Joined: Sat May 05, 2018 11:55 am

Re: Manage router via VPN

Thu Jun 09, 2022 1:15 am

The default firewall rules have add action=drop chain=input comment="drop all not coming from LAN" in-interface-list=!LAN so VPN connections would be blocked by default. Ping works due to the rule before this add action=accept chain=input comment="accept ICMP" protocol=icmp.

You could either add an additional rule before the drop rule, add the VPN interface to the LAN interface list, or change the exisiting rule to be less restrictive, e.g. add action=drop chain=input comment="drop all coming from WAN" in-interface-list=WAN.
 
JokeRBY
just joined
Posts: 8
Joined: Fri Apr 27, 2018 1:54 pm
Location: Wroclaw
Contact:

Re: Manage router via VPN

Thu Jun 09, 2022 1:54 am

For start, try to add fw rule
/ip firewall filter add chain=input dst-port=80 protocol=tcp src-address=192.168.100.0/24 action=accept comment="Allow Web-GUI from VPN"
Change port if you have other than default, change VPN network and put before drop input rule.

Who is online

Users browsing this forum: No registered users and 43 guests