Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

L2TP+IPSec server behind Mikrotik NAT

Locked
 
pito
just joined
Topic Author
Posts: 7
Joined: Fri Mar 06, 2015 3:41 am

L2TP+IPSec server behind Mikrotik NAT

Tue Dec 18, 2018 3:20 am

Server L2TP 192.168.1.4
Succsesful connect to server from 192.168.1.0/24
===========
Mktk FWNAT 192.168.1.1
added rules
1. chain=dstnat action=dst-nat to-addresses=192.168.1.4 to-ports=500 protocol=udp in-interface-list=ISP dst-port=500 log=no log-prefix=""
2. chain=dstnat action=dst-nat to-addresses=192.168.1.4 protocol=ipsec-ah in-interface-list=ISP log=no log-prefix=""
3. chain=dstnat action=dst-nat to-addresses=192.168.1.4 protocol=ipsec-esp in-interface-list=ISP log=no log-prefix=""
4. chain=dstnat action=dst-nat to-addresses=192.168.1.4 to-ports=1701 protocol=udp in-interface-list=ISP dst-port=1701 log=no log-prefix=""
5. chain=dstnat action=dst-nat to-addresses=192.168.1.4 to-ports=4500 protocol=udp in-interface-list=ISP dst-port=4500 log=no log-prefix=""
==========
Cant connect.
In log just 1 packet 131B to 1701 (udp) by rule 4. No moves back! =(

P.S. MS recomendations to create REG DWORD key AssumeUDPEncapsulationContextOnSend tryed
Top
Locked

Who is online

Users browsing this forum: No registered users and 23 guests
  4. RouterOS
  5. Beginner Basics