Community discussions

MikroTik App
 
giorgio183
just joined
Topic Author
Posts: 1
Joined: Tue Jan 31, 2023 11:02 pm

help request for this strange project

Thu Feb 02, 2023 7:48 pm

hello to all. I am absolutely new to the Mikrotik world but I think it is the most versatile router I know and that maybe, with your help, it will solve my problem
I have this situation
(device)-----lan (192.168.88.x)----(hapac3)----lan (192.168.88.x)---(Server)
in this case hap work as a normal switch, the server use the device for some controls and it work only if both are on same lan (layer 2)
The target should be this
(device)(VPN)-----internet----(VPN)(carrier router)---lan (192.168.1.x)--(VPN)(hapac3)--lan (192.168.88.x)----(server)
and in case of emergency
(device)(VPN)-----internet----(cellphone with thetering)-- USB-(VPN)(hapac3)--lan (192.168.88.x)----(server)

Note:
I can open some ports on carrier router but not change IP addresses as well I would like keep separated the lan 192.168.1.x and 192.168.88.x but with the possibility of each lan see the other and access the other lan.

I understan what I must
Create a ppp pool for the "device" to work with the server)
Create keys and certificate for the openVPN server inside hapac3
Create a user for the vpn
Create a ddns for the hapac3 (the external public address with some NAT rules on the carrier router to reach the hapac3
Activate the openVPN server

all done but not work
I can not extabilish the VPN (timeout)
Any suggestion? any test to do? I forget something or my project not work (is impossible)?

Thank you so much, sorry for my bad english and Regards from Italy
Giorgio
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: help request for this strange project

Thu Feb 02, 2023 10:01 pm

Yes.
1. network diagram
2. much clearer description of users need without any mention of config

a. identify each user/device or groups of users/devices
b. what traffic they should be able to execute
c. what traffic they should not be able to do.

A config will fall out naturally.........

Who is online

Users browsing this forum: deadmaus911, karlisi, onnyloh, own3r1138 and 78 guests