Thanks Elbert for your answer. Unfortuanetly this does not solve, what i was looking for. My Situation: Firewall-Adresslist: Name "VPN" contains www.dnsleak.com IP route and rule is to route these entries of addreelist "VPN" through my VPN -> works! But the dns reqeusts for this ...

Hello.

I am looking for a solution to route only these dns request through a vpn, wich addresses are stored in an addresslist.
All the others should be route to default local dns server.

which firewall rule would fit?

regards

nobody any suggestions? am i the only one, who has such configurations?

regards - mali

Try this here: https://wiki.mikrotik.com/wiki/Manual:I ... entication

Check this and take option 2.
https://wiki.mikrotik.com/wiki/IKEv2_E ... d_RouterOS

And what does the DHCP state as DNS server? It should be the router itself.

Yes

Hey. Did you add a static route to your dns server through the tunnel? no thats not possible, cause of dynamic ip addresses! And there is no interface... Do have a manually entered IP-address entered in /IP DNS? Also under PPPoE remove the ticked box for use peer DNS. Restart PPPoE and you should h...

You can see the name (that's what is saved in config) and you can also see resolved address(es), which happens automatically at startup or when you add the item. Addresses are valid until record's TTL expires and then they are resolved again. Thx, thats the way i expected it suposed to be. Now i kn...

Thx very much.
My question is solved now.
I do not need a script to delete entries, just update them and be sure there are always correct dns names corresponding to there is address.

Hello. My Situation: RouterOS is IKEv2 Server for roadwarriors access, works fine. RouterOS has VPN Tunnel to FritzOS, works fine. Access to FritzOS network from RouterOS and his clients, works. My Goal: Roadwarriors should be able to access network behind FritzOS. My Problem: it's not working :) an...

Hello. I have an ikev2 tunnel to my vpn isp (mikrotik ikev2 client) like described here with option 2: https://wiki.mikrotik.com/wiki/IKEv2_EAP_between_NordVPN_and_RouterOS . Every thing is fine, but my dns request to this specific dns names which are stored in firewall access list, still are reques...

Hello. My situation: I have a script, wich checks my entries (dns names) in my firewall access list and rewrites the checked ip. this script runs everty 60 sec. My question: is it nessesary to do this? is there not a check in routeros inside, which checks for example TTL and corrects the new ip auto...

what a pity...
i thought that would be an easy configuration think, like in an option in openvpn "push def. gw"..
thx for your reply.

if anybody has another suggestion, you are welcome

hello. i have vpn server activated on mikrotik and connected client pushes all traffic through the vpn server. how do i configure a vpn server so that only traffic goes through vpn when is should access a remote ressource? ex. client is a mobil phone, vpn via l2tp/ipsec to mikrotik, remote ressource...

Hello. I am looking for a solution for doing following steps via script! 1. count all available users with a specific profile, if count < 10 then 2. generate users (like in GUI via batch) 3. generate vouchers for the new created users and send via email or save on internal storage (like in GUI) Unfo...

IP->Firewall (Forward allow only for these ip's in that desired network)

hi at all. i would like to create a workaround for a "seamless roaming". 1 capsmann and 2 aps is there a possibility via scripting to check (on envent or every 10 sec.) if the singal strengh of the clients from connected ap is under 55 dbm and if so is there an other ap with better signal,...

hi, 1. enable in client.conf "route 10.10.100.0 ...." 2. try to connect with oney ONE client to server and lock if local network is available (first via IP not hostname) 3. do not asign the same ip addresses to you lan interface and vpn interface, check to different after that you can try ...

try this here:

viewtopic.php?f=13&p=624891#p624891

sound like you would like add a new route!?
IP->route
there you are able to add your network from azure and gateway to azure

is this your goal?

hi, you can use my settings as basics maby? https://forum.mikrotik.com/viewtopic.php?f=13&t=127119 here are some more usefull advises: https://www.google.de/search?q=mikrotik+basic+firewall+rules&oq=mikrotik+bas&aqs=chrome.0.69i59j69i60l2j69i57j69i60j0.7697j0j7&sourceid=chrome&ie...

Hi everybody, this here is maby a tutorial and furthermore a question! I would like to transfer traffic only for some addresses over my vpn tunnel. Unfortuanetly my DL and UL rate is very slow, so i am not sure if i setup everything correct, but basicly it works!!! Would be fine, if anyone would loo...

other way from webfig or winbox: go to System - Routerboard - Settings: select: boot device=try-ehternet-once.... so routerboard starts in netinstall mode only next reboot and u should be able to use netinall and flash the new firmware, for me it worked until now perfekt on my little hap lite. PS: w...

Hi,

sry, but i do nat really understand what do u really want too.
Give us a liitle more information...

dstnat will not work for outgoing traffic.

dstnat will only transfer traffic, which comes in router to your destination ip, so this would not work for u.
try output instead of dstnat.

Hi.

Use netinstall.

Hello.

Anybody got Mullvad VPN working on Mikrotik (RB2011UiAS-RM).
I got a Port (TCP) without LZO.

If i set a Certificate to Config, i receive a "tls failed" in log.
Without Certifcate log shows my Cipher a thats it...

After a while RB tries to reconnect, and so on...

Kind regards