Community discussions

MikroTik App
 
someonebw
just joined
Topic Author
Posts: 1
Joined: Fri Aug 12, 2022 5:39 am

in nat model “gre tunnel keepalived reply packet ” error(src ipaddress is wanip)(chr 7.4 version)

Fri Aug 12, 2022 6:03 am

The problem in my case occurs when routers is deployed in nat mode

The network architecture is as follows
Image

huawei-usg-fw enables keepalive;so routeros only replay keepalive packet

keepalive packet from huawei-usg-fw
Image

routeos send gre keepalive replay packet
but source address is wan ip;so the gw will drop this packet ;must local address
Image

#pcap file
#
no.70 huawei-usg-fw send keepalive packet
no.71 routeos remove the gre header ;will send‘s packet
no.72 routeos send gre keepalive replay packet(use ether2's mac(in routeos config use source route to ether2 out),but this packet src address use the wan ip;so gw will drop this packet)
You do not have the required permissions to view the files attached to this post.

Who is online

Users browsing this forum: No registered users and 14 guests