Hello
I just installed a new MikroTik router for a remote customer. It is a really beautiful piece of hardware.
I managed to install the basic functions and an external proxy server, because the possibilities of the built in proxy are too limited. I have external access through pptp and ssh.
Now I need to have the ability to surf through the vpn connection for sharing the same conditions as the remote customer for monitoring what is filtered or not by the proxy. The settings of the vpn server are the default ones.
My vpn client sets the ppp local interface as default gateway, and when I am connected, I am able to access the remote servers at the office of my customer, but not to surf on the www.
I am ready to post all the necessary /ip settings but before doing that, perhaps some of you can tell me if I have oversee something. Is it v.gr. necessary to add a filter rule in the output chain or is it enough in the nat rules to masquerade the outgoing traffic coming from the IP adresses of the vpn clients?
Thanks for helping.
Pierre
-
-
Revelation
Member
- Posts: 336
- Joined:
Re: How to surf through a vpn connection?
Here is what I posted in another thread that solved the issue for me after I got to tinkering with it.
It's interesting....
So I was playing around with L2TP when I got off of work and setting it up so I could reach back out onto the internet. I got it working rather trivially...
I added the VPN pool ip address range to my Networks tab under DHCP server.
I then created a new src-NAT with masquerade specifically for the VPN network. My VPN connected device, iPhone, could then reach back out onto the internet - where as it could not before.
I could then disable that specific src-nat and it still worked.
Just something you can try.
Re: How to surf through a vpn connection?
Yeah, I tried this because it came as a kind of default setting. This is how my NAT table looks like, but the rule about vpn is never reached.Here is what I posted in another thread that solved the issue for me after I got to tinkering with it.
It's interesting....
So I was playing around with L2TP when I got off of work and setting it up so I could reach back out onto the internet. I got it working rather trivially...
I added the VPN pool ip address range to my Networks tab under DHCP server.
I then created a new src-NAT with masquerade specifically for the VPN network. My VPN connected device, iPhone, could then reach back out onto the internet - where as it could not before.
I could then disable that specific src-nat and it still worked.
Just something you can try.
Code: Select all
0 ;;; outgoing traffic from proxy
chain=srcnat action=masquerade src-address=192.168.8.2
out-interface=all-ppp log=no log-prefix=""
1 ;;; masq. vpn traffic
chain=srcnat action=masquerade src-address=192.168.89.0/24 log=no
log-prefix=""
2 ;;; default configuration
chain=srcnat action=masquerade out-interface=all-ppp log=no
log-prefix=""
3 ;;; forward incoming ssh to ocean
chain=dstnat action=dst-nat to-addresses=192.168.8.2 protocol=tcp
in-interface=all-ppp dst-port=22 log=no log-prefix=""
Re: How to surf through a vpn connection?
Hello, James Houston 135Its simple dear. just install the setup of your favorite vpn service providers and follow the instructions but normally users are faing problem with their io9 version so if you are using i09 then its might little bit change.
I just set up a pptp vpn server with a DCHP server. I didn't find how to do this, until I found this post: http://www.urosvovk.com/step-by-step-ho ... -routeros/.
I also can surf through the vpn connection since I masquerade all outgoing traffic from vpn subnet.
So it works, thank you.
However, I don't understand what you mean with io9 version (or i09). My Router OS is 6.33.3 (stable).
-
-
pamelabryant454
just joined
- Posts: 3
- Joined:
Re: How to surf through a vpn connection?
[color=rgba(0, 0, 0, 0)]what about just using hotspot shield which is a free app? Does it work and how well? I am sure it is not as good as this plan but most of us are casual users of public hot spots. thanks for the inpu[/color]