Community discussions

MikroTik App
 
User avatar
Sahafi2001
newbie
Topic Author
Posts: 41
Joined: Mon Apr 12, 2021 3:22 pm
Contact:

Routing the vpn over a specific WAN

Tue Jun 06, 2023 10:56 am

Hello

How do I set up the router

5 internet lines have been load balanced and I have 2 VPN services set up for specific sites added in the address list.

What I want is

VPN use would be on a specific line and not everyone, also I want any connection to this line to be via VPN
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: Routing the vpn over a specific WAN

Sun Jun 11, 2023 6:46 pm

The description is a bit vague, but I assume you actually ask two separate questions:
  • how to make a VPN client running on the router always use a particular uplink
  • how to make only particular LAN side clients use a particular VPN client to access a particular site
Is my understanding correct? If yes, what type of VPN are we talking about (in terms of protocol like L2TP, IPsec, SSTP, not in terms of provider like Surfshark or ProtonVPN)?
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Routing the vpn over a specific WAN

Sun Jun 11, 2023 7:35 pm

A network diagram helps show what you wish to communicate and eventually will need to see your config
/export file=anynameyouwish (minus router serial number, any public WANIP information, keys etc....)
 
User avatar
Sahafi2001
newbie
Topic Author
Posts: 41
Joined: Mon Apr 12, 2021 3:22 pm
Contact:

Re: Routing the vpn over a specific WAN

Mon Jun 19, 2023 1:42 pm

The description is a bit vague, but I assume you actually ask two separate questions:
  • how to make a VPN client running on the router always use a particular uplink
  • how to make only particular LAN side clients use a particular VPN client to access a particular site
Is my understanding correct? If yes, what type of VPN are we talking about (in terms of protocol like L2TP, IPsec, SSTP, not in terms of provider like Surfshark or ProtonVPN)?
I am subscribed to a VPN service of the type L2TP Client. What I want instead of buying a router and making one of my own lines in it and using the VPN service in it and connecting it to the main router because this line does not work well unless the connections pass through the VPN service, because if I use it without VPN It gets interrupted because the number of connections is set by the service provider
 
zoreszk
just joined
Posts: 1
Joined: Mon Jun 19, 2023 2:57 pm

Re: Routing the vpn over a specific WAN

Mon Jun 19, 2023 3:05 pm

Hello!
I have a problem that I get two IP addresses from my service provider. I would like to use one of the public addresses for three internal networks, and forward the other public address to a dedicated server. How can I solve this?
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: Routing the vpn over a specific WAN

Mon Jun 19, 2023 5:17 pm

For L2TP, you can tell a particular L2TP client interface which particular own address of the router to use for the control & transport packets, overriding the normal choice made by routing. To make use of it, you have to use a routing rule saying that whatever has a source address of a particular WAN must use a dedicated routing table with a single default route via the gateway of that WAN. But this only works if the WAN address is static; if it is dynamic, you have to use an auxiliary local static address, not conflicting with any address in your LAN subnets and created solely for the purpose; in this case, the usual masquerade rules must make sure that the control/transport connection will be src-nated to the actual WAN address.

Another set of routing rules or mangle rules and another dedicated routing table will make sure that the chosen traffic will use the L2TP tunnel as an uplink.

If your ISP restricts the number of simultaneous connections, be aware that they may also restrict the bandwidth of a single connection, which is how your traffic will look like to them - a single UDP connection.

Who is online

Users browsing this forum: almdandi, Bing [Bot], DeltaCreek, Fasder, korg, ptoump, TeWe and 83 guests