Hello,

my VPN Configuration Works and i can connect with my iOS device to my Router...
i can connect to any ip in the world wide web too...
i can connect to the Router IP 192.168.1.1
BUT !!!!
i dont can connect to the other ips on my LAN (192.168.1.2 - 192.168.1.254)

i need to make a forward rule or something ?

proxy-arp is on etc.

here some of my config

1 name="L2TP-VPN" local-address=192.168.1.1 remote-address=192.168.1.211
use-mpls=default use-compression=default use-vj-compression=default
use-encryption=default only-one=default change-tcp-mss=yes address-list=""
dns-server=192.168.1.1


[admin@x] > /ppp active print
Flags: R - radius
# NAME SERVICE CALLER-ID ADDRESS UPTIME ENCODING
0 nwa l2tp 80.187.*.* 192.168.1.211 1s
[admin@x] >

[admin@x] > /ip firewall filter print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; default configuration
chain=input action=accept protocol=icmp log=no log-prefix=""

1 ;;; default configuration
chain=input action=accept connection-state=established log=no log-prefix=""

2 ;;; default configuration
chain=input action=accept connection-state=related log=no log-prefix=""

3 ;;; VPN
chain=input action=accept protocol=udp dst-port=500,4500,1701 log=no log-prefix=""

4 chain=input action=accept protocol=ipsec-esp log=no log-prefix=""

5 X chain=input action=accept protocol=ipsec-ah log=no log-prefix=""

6 X chain=input action=accept in-interface=sfp1 log=no log-prefix=""

7 X ;;; default configuration
chain=input action=drop in-interface=all-ppp log=no log-prefix=""

8 ;;; default configuration
chain=forward action=accept connection-state=established log=no log-prefix=""

9 ;;; default configuration
chain=forward action=accept connection-state=related log=no log-prefix=""

10 X chain=input action=drop in-interface=all-ppp log=no log-prefix=""
[admin@x] > /ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade out-interface=pppoe-out1-NC log=no log-prefix=""

1 chain=srcnat action=masquerade out-interface=pppoe-out2-T log=no log-prefix=""
[admin@x] > /ip firewall mangle print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting action=accept in-interface=pppoe-out1-NC log=no log-prefix=""

1 chain=prerouting action=accept in-interface=pppoe-out2-T log=no log-prefix=""

2 chain=prerouting action=mark-connection new-connection-mark=wan1_conn passthrough=yes dst-address-type=!local
per-connection-classifier=both-addresses-and-ports:2/0 log=no log-prefix=""

3 chain=prerouting action=mark-connection new-connection-mark=wan2_conn passthrough=yes dst-address-type=!local
per-connection-classifier=both-addresses-and-ports:2/1 log=no log-prefix=""

4 chain=prerouting action=mark-routing new-routing-mark=to_wan1 passthrough=yes connection-mark=wan1_conn log=no log-prefix=""

5 chain=prerouting action=mark-routing new-routing-mark=to_wan2 passthrough=yes connection-mark=wan2_conn log=no log-prefix=""

6 chain=prerouting action=accept dst-address-list=exempt-from-pcc log=no log-prefix=""
[admin@x] >

Same Problem - Do you found a solution?

Are you trying to communicate from VPN to LAN clients? If you are did you bridge them?

I have same problem... I've tried on OSX and Windows.

I can establish VPN L2TP/IPSEC, but I CAN'T FIND / PING all machines or devices behind VPN (LAN clients). Yet, it appears to be a "random problem" since it's not a specific ip or range. I.e: sometimes 192.168.0.1 is reachable and sometimes not. So weird.

SystemErrorMessage, you said something "bridge them". How can I check this?

Thanks,