I have encountered a very strange problem and either I am missing something obvious or it's a miracle.
I have two sites A and B.
Site A:
Public IP - 1.1.1.1
LAN 10.201.1.0/24; LAN gateway (mikrotik) 10.201.1.1
Site B:
Public IP - 2.2.2.2
LAN 10.201.2.0/24; LAN gateway (mikrotik) 10.201.2.1
Both sites are working well as far as their internet connectivity is concerned. Clients can access internet etc.
What was working was also a GRE tunnel with IPSEC between the two sites. Now this is no longer the case. I am not sure what happened (there was a power outage at one of the sites), but certainly no one was messing around with configuration.
What is strange, Site A cannot ping Site B Public IP and vice versa. Well, to be precise... It only works if I log in to Mikrotik at site A, choose ping and specify interface eth1. Then pinging Site B works. Same goes if I do it from Site B to Site A.
As soon as I choose a different interface or if I use a client connected to LAN then ping times out.
That being said, I have ruled out a firewall issue at both ISPs. Since I can ping when I specify eth1 interface, then I suppose it can't be them. Also traceroute confirms that when eth1 is the interface, then it nicely shows all hops to the other site.
I checked my firewalls. I have automated lists that build up with IPs of "Intruders", but the public IP of the other site is not listed.
Just to make sure, I either deleted or disabled all things related to the GRE tunnel.
I checked the ARP table - no entries for the given Public IPs.
I checked the routing table - found nothing suspicious there.
But since I am no expert either, I just might be missing something. Right now I am stuck as this does not make sense.
If you have any ideas, please come forward with them.
Thank you.
Brandon.
EDIT #2 - I am removing my configuration which was previously posted here...
...configuration was removed...