I have recently successfully established an L2TP/IPSec VPN connection between two Mikrotik routers in two different geographical locations.

For Example Purposes:
Public IP A: 155.34.35.36
Public IP B: 156.33.32.31
LAN A: 10.0.0.0/24
LAN B: 10.0.1.0/24
VPN A: 172.0.0.0/24
VPN B: 172.0.0.250

I can PING from Router B the local address from A of 172.0.0.1 and on Router A I can PING the local address from B of 172.0.0.250. The connection is solid no problem.

But what I cannot do is from Router B I cannot ping/rdp into a computer from Router A. So if I PING 10.0.0.20 for example. I will get a timed out response.

What am I missing to make this happen correctly?

Thanks!

You need to make sure that routers at both sides, know what networks are present at the other end of vpn.

To do that, add to routing tables routes for the required networks with 172.0.0.x as gatways. -> so on site A for 10.0.1 and on site B for 10.0.0

This has helped! To a degree.

I added 10.0.0.0/24 to Router B
I added 10.0.1.0/24 to Router A

I can now ping 10.0.0.1 from Router B
I can now ping 10.0.1.1 from Router A

But I still cannot ping for example 10.0.1.40 from Router A. I still get a timed out response on this attempt.

But I still cannot ping for example 10.0.1.40 from Router A. I still get a timed out response on this attempt.

You'll need forward firewall rules to allow the other network, or you could choose an interface (but L2TP are usually dynamic).

So correction. From router B I now appear to be able to ping any device from Router A in the 10.0.0.0/24 range.

From router A I do not appear to be able to ping any device in the router B range of 10.0.1.0/24 range except 172.0.0.250 and 10.0.1.1.

Thoughts?

Posted before I saw the reply!

We appear to be working from both ends now. Thank you everyone!