Community discussions

MikroTik App
  4. RouterOS
  5. General

Routing Problem (VPN)

Post Reply
 
User avatar
plam40
newbie
Topic Author
Posts: 29
Joined: Tue Feb 21, 2006 1:27 pm
Location: Greece

Routing Problem (VPN)

Thu May 10, 2007 5:17 pm

:!: Hi, I got the following problem :

I got a VPN (pptp) conection to office A . The pptp server asigns me 192.168.250.40 ip address. At the mean time I need to route 192.168.0.0/16 via this VPN. But there is no gw to put cos actualy these are reachable . Please help me ... I am not good at routing at all !
Top
 
User avatar
plam40
newbie
Topic Author
Posts: 29
Joined: Tue Feb 21, 2006 1:27 pm
Location: Greece

Thu May 10, 2007 6:53 pm

I need to add that this was a setup on a windows XP machine .
There was a VPN connection to office A + a batch file contaning the following line :

route add 192.168.0.0 netmask 255.255.0.0 gw 192.168.250.40

this lets the windows machine to have access to all host on 192.168.0.0 network.

Please guys tell me how to achieve that with MT .
Top
 
cmacneill
Member Candidate
Member Candidate
Posts: 293
Joined: Sun Apr 01, 2007 10:51 pm
Location: Christchurch, New Zealand

Fri May 11, 2007 5:36 am

Using Winbox:-
  • 1. Click PPP.
    2. Click +
    3. Select PPTP Client
    4. Enter appropriate information for remote PPTP server. Leave "Add Default Route" unchecked, otherwise everything will be routed over this connection.
The local IP address is provided by the remote server and a route should be automatically created locally. However, if you want access to anything on the remote LAN, if the PPTP server is not already the default route you will need to add routes as appropriate.

The MT documentation at http://www.mikrotik.com/testdocs/ros/2. ... e/pptp.php has some good examples.



Regards


Chris Macneill
Top
 
User avatar
plam40
newbie
Topic Author
Posts: 29
Joined: Tue Feb 21, 2006 1:27 pm
Location: Greece

Fri May 11, 2007 12:31 pm

Thank you for your fast response , but my question is still open !
I did not ask how to make a pptp connection, this is a peace of cake!
It is all about routing. You were kind enough to explain how to make the pptp but not eplain how to make the routing ? You say check the manual ... well I think that the manual also explains how to make pptp ...
well , so it comes that for the things we know how to - we write .... and for the things we dont know we just say " you should look at the manual "
:)
Thanks any way !

Let me give some more details :

The remote pptp server is giving the following IP :

192.168.250.40 network 192.168.0.7

And the question is how to make a route that tells my box that all addresses from network 192.168.0.0/16 are available via the pptp interface ?
Top
 
User avatar
guaidetian
just joined
Posts: 15
Joined: Wed May 09, 2007 6:52 am
Location: zhengzhou;henan;china

Fri May 11, 2007 1:28 pm

The remote pptp server is giving the following IP :

192.168.250.40 network 192.168.0.7

add the network to your routelist as gateway
dst-add 0.0.0.0 gateway 192.168.0.7
Top
 
User avatar
plam40
newbie
Topic Author
Posts: 29
Joined: Tue Feb 21, 2006 1:27 pm
Location: Greece

Fri May 11, 2007 1:43 pm

Thank you guaidetian !

I tried what you advice with no luck :(

[plam40@TheWall] ip route> pr
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf
# DST-ADDRESS PREF-SRC G GATEWAY DIS INTERFACE
26 S 0.0.0.0/0 u 192.168.0.7
Top
 
User avatar
guaidetian
just joined
Posts: 15
Joined: Wed May 09, 2007 6:52 am
Location: zhengzhou;henan;china

Fri May 11, 2007 2:19 pm

give me all of you route list
maybe you need to mark routing
/ip fir mangle
add chain=prerouting in-interface=lan src-address="your local ip address" action=mark-routing new-routing-mark=vpn passthrough=yes comment="" disabled=no

/ip route
add dst-address=0.0.0.0/0 gateway="the gateway of your out interface,but not your vpn network" scope=255 target-scope=10 comment="" disabled=no
add dst-address=0.0.0.0/0 gateway="vpnnetwork" routing-mark=vpn scope=255 target-scope=10 comment="" disabled=no
Top
 
User avatar
plam40
newbie
Topic Author
Posts: 29
Joined: Tue Feb 21, 2006 1:27 pm
Location: Greece

Fri May 11, 2007 2:39 pm

Well i do apriciate your help but the question is clearly a matter of the routing .

The result that must be achieved is : Adding a working route for the network 192.168.0.0/16 without having a GW on that network :)

in windows you simply tell the machine which Interface to youse to reache the desire address ... but here in the world of MT is not working

If I try to put a route with no GW , it would give me an error message !
If I try to put a route with GW the pptp interface it just wont work !

Well is there anybody that really knows how the things work ?

I am asking again please help me ... or should I write to support ?
Recenly I've purchased level 6 for my main box , may be this makes sense ?
Top
 
cmacneill
Member Candidate
Member Candidate
Posts: 293
Joined: Sun Apr 01, 2007 10:51 pm
Location: Christchurch, New Zealand

Sat May 12, 2007 2:31 am

If you actually read the information at the link I gave you, you will find the information IS there. There are worked examples on how to setup a PPTP connection INCLUDING information on what routes to setup.

Here is the line that should work for your setup.
Code: Select all
/ip route add dst-address 192.168.0.0/16 gateway 192.168.250.40
You don't say what equipment is at the server end, but it is likely you'll need to add a route there to route packets back to the local network.

Also the client end network must NOT be anything 192.168.x.x otherwise it won't work. Local network needs to be 10.x.x.x or 172.16.x.x. Alternatively you need to alter the netmask at the server end to free up some 192.168.x.x address space.

I'm currently trying to get my PPTP connection working, so some of this information is subject to verification.

If it still doesn't work for you, you'll need to give more details, e.g. local address ranges, what is the server end, an MT router or some other PPTP server?



Regards

Chris Macneill
Top
 
User avatar
plam40
newbie
Topic Author
Posts: 29
Joined: Tue Feb 21, 2006 1:27 pm
Location: Greece

Sat May 12, 2007 2:38 am

Thank you Chris, my local pptp is working as a charm , got no problems with it !

The only thing not working is a pptp for a client's office which connects to another country ... which makes not possible any changes on the remote site :)

and about the example route you give me ... yes it was the first thing i tried but it daoes not work ... even if it is strange to you :)

we need an expert here :)
Top
 
cmacneill
Member Candidate
Member Candidate
Posts: 293
Joined: Sun Apr 01, 2007 10:51 pm
Location: Christchurch, New Zealand

Sat May 12, 2007 4:56 am

I've been working on IP networks for over 17 years, so I'm not exactly a novice and although modesty prohibits me from calling myself an expert, others have mentioned the title guru from time to time. :-)

With MikroTik you learn something new everyday.

I've got my PPTP connection working, basically MT seems to work the opposite way round to what you might expect.

The gateway address is the IP address of the server, not the client end.

So in your case the following should work:-
Code: Select all
/ip route add dst-address 192.168.0.0/16 gateway 192.168.0.7
However, this assumes the client end network is NOT 192.168.x.x and that a route has been entered into the server with a gateway of 192.168.250.40 to route back to the client network.
Top
 
User avatar
plam40
newbie
Topic Author
Posts: 29
Joined: Tue Feb 21, 2006 1:27 pm
Location: Greece

Thu May 17, 2007 8:14 pm

Thank you cmacnelly
Code: Select all
/ip route add dst-address 192.168.0.0/16 gateway 192.168.0.7
This is very right ... :)

Its just some times i am loosing concentration i have 4 routers and i made mistake by puting te route rull to another one !!!

Thanks again , sorry for not trusting you !!!!!!!

:roll:
Top
Post Reply
  4. RouterOS
  5. General