Hello,

I have 5 rb450's I am in the process of setting up for my work. I am trying to setup tunnels between all of them. 4 of them will be in the field, all connecting back into our 'HQ'. But all of them need to be able to communicate with each other and the 'HQ' needs to be able to access all of them.

I tried out this tutorial which seemed exactly what I was needing: http://wiki.mikrotik.com/wiki/PPTP_VPN_ ... tal_Office

I have managed to make my home rb450 ( is 3.17 ) connect to my work, and am able to ping all machines on my work network. But from my work rb450 I cannot ping any machines on my home network ( other then the gateway ) As for the routes I checked, re-checked, and checked again and could not see any issue with them. I ended up just scrapping the accounts and decided to start fresh.

Anyone have any clue what I might be missing?

Thanks!

Sounds like a route problem.

Thats what I was thinking intially, so I looked at the routes on my home mikrotik. I then duplicated the route ( obviously changing addresses ) onto my work router.

This step -

Now my addresses are different of course, my home network is 192.168.15.0. The router sits at 192.168.15.1

So I did this ( on the work router ) if I remember correctly.

That didn't work, and thats where I gave up and deleted the routes / secrets and decided to start over.

Your second route is incorrect. You need to use the IP of the PPTP connection not 15.1

Example:

PPtP Server 192.168.0.1/24
PPtP Pool 192.168.2.1/24


Remote client 192.168.3.1/24
PPtP's in to server and is give a 192.168.2.2 address

PPtP server should have a route of
ip route add dst-address 192.168.3.0/24 gateway 192.168.2.2

Thank you, i'll give that a try ( hopefully tomorrow ) I work at a daily newspaper so finding time to work on the network is difficult.

But for the moment, I have a new dilemma ( I just can't win )

I have a static ip at work, i've checked, double checked, triple checked the information entered into / ip addresses and I still can't get it to work.

If I enable dhcp client it pulls a dynamic ip and the connection is fine. I can then access our network remotely from the static IP. But, if I hit ipchicken.com from work it shows the dynamic address and not the static one.

So I disabled DHCP Client, nothing. No connection in or out.

I tried adding a route 0.0.0.0/0 with the gateway set as the gateway address of the static ip, nothing still.

Any ideas?

You have two WAN connections?

I do, but I haven't even started messing with that yet.

Right now i'm just trying to get the static from my Cox cable connection. It just won't work in or out if dhcp client is not turned on. When dhcp client is on, it pulls a dynamic address from the cable company.

Ahh. So you are pulling the dynamic IP but need to use the static?

Get rid of the dhcp-client.

Put in your static IP make sure your /xx netmask are correct.

You will need to add the gateway in something like this:

ip route dst-address=0.0.0.0/0 gateway=cable gateway.

You also need to make sure you have NAT rules setup.

If that doesn't work try power cycling your cable modem. It may make a difference.

Where are you located? There is probably a local consultant that can get you up and working faster than forum support.

I shot you a PM w/ the stuff i'm trying. Seems like i'm doing everything right, but I might have missed a step.

Greetings, fellow Cox Communications customer! I see you found the glitch in the Cox cablemodems.

To use the static IP you were issued, set your MT box up with the static ip and routes, then kill the power to your cablemodem for at least a minute. Do not try to use the dhcp again (or any other IP), or you will need to repeat this. It is an IP/mac address link internally that must be cleared. Cox techs can do it remotely if it refuses to reset.

We resolved it by PM. Turned out he was using the wrong IP info...

Well I had the right IP info, I fat fingered the gateway in the route I setup for it.