MikroTik

Sorry for repost, somehow my previous post disappeared?

Attach is how I setup my network and I have problem getting internet connectivity and cannot access the LAN devices in 192.168.1.x
I can connect though but just nothing. Followed the wiki and write up etc, still don't work.

Any help is very much appreciated please. Thank you.

Did you enable proxy arp on the LAN interface?

Did you enable proxy arp on the LAN interface?

how do i do that?

Goto the LAN interface and in the ARP section, choose proxy-arp.

Goto the LAN interface and in the ARP section, choose proxy-arp.

just realised, yes it is already proxy-arp.

Hello,

In your L2TP_Profile, your local address seems to be wrong, it should be 192.168.1.1 instead, isn't it?

I'm only running one MT, this works for me, your screen prints look very similar.

http://mikrotik.patokatech.com/

I can't tell from the pdf if you are NAT'ing the VPN traffic to be able to reach the Internet, but I could see that you seem to be missing the src-nat rules for IPSEC. I also agree that it does not make sense to terminate your VPN at 192.168.1.40 when the router is already 192.168.1.1. Usually, I make the local address something that is within the subnet of the remote address. As for the firewall, I believe you will also need to open up the GRE protocol for IPSEC. One last thought, you may have to use PBR or and exclusion rule to ensure that the VPN connection is not using the PCC. Try troubleshooting it this way:
Can the L2TP tunnel reach the Internet or the LAN with out the IPSEC? If not, try disabling the firewall and see if that helps.

In order to understand what is breaking down, we know at which step in the process is it breaking down. Does the L2TP tunnel work? If not is it the rules in the Firewall that are preventing it from working? If it is working, then is it the IPSEC portion that is breaking down?

Were you ever able to resolve this problem?

Hello Team, I hope you are all fine.

I have some problem with my Ipsec vpn between multiple sites. my 5 sites are connected with same ISP through MIKROTIOK ROUTER IPSEC TUNNEL. sites are a,b,c,d,e. a site is my head office and b,c,d,e sites is my clients(branches). all clients are connected with head office (a) through ipsec tunnel and working properly.But problem is that (b) not connected to (c,d,e) and (c) not connected to (b,d,e) and (d) not connected to (b,c,e) and (e) not connected to (b,c,d). Other words is (b,c,d,e) are not connected to eachother. All sites have different subnets.
Kindly give me some help that what i do work on my head office mikrotik router (a).

Although i was add subnet on routes opetion of my branches. but issed are same.


Regards
Sohaib

Without seeing your config... my first guess would be that you need the routes and the polices set correctly. Each IPSEC tunnel will need the polices set for each subnet that is passing through it and each client will need a routing statement of where to find those subnets.

How do i export my settings?

yes problem is still not solved.

Goto the terminal and type: Then you can copy and paste your configuration onto the forum.