Answer the question
In order to leave comments, you need to log in
How to access local network via VPN and Mikrotik?
Good day everyone!
You need remote access to three microticks (1100ahx2), at first I tried to install IP-> Cloud, but since there are 2 more video recorders on the network, when I enter this address, it transfers the face of one of the recorders to the web. I solved the problem like this: I set up port forwarding on Nanostation (we get Internet from it), from port 777 to 192.168.5.2 (IP of the first mikrotik), it turned out, everything works, it comes in, I did the same for two other Mikrotiks, I forwarded port 888 to 192.168 .5.3, and port 999 on 192.168.5.4, doesn't let them in. Yesterday I couldn't beat them. I decided to raise the VPN (PPTP, yes, I know it’s not safe, after the normal setup I’ll try to raise L2TP / IPsec, or OpenVPN), everything is fine, I go from my home PC to 192.168. There is a 1C server / file cleaner on the network, if you enter the address \ \ 192.168.
How can you make access in such a way that it would be as if you are coming from the local network? That is, you press from your home PC - My Computer - Network, and see there the names of all the PCs that are currently on the network?
I apologize in advance for what may be stupid questions and a chaotic presentation for someone, but I'm still quite a novice in these matters :(
Answer the question
In order to leave comments, you need to log in
Without a config it is very difficult to help you. Do in the terminal - export compact and put it on pastebin.com/. Remove logins and passwords first, if any.
It's very strange why one port forwarded and the rest did not. Apparently you are confused somewhere.
This is exactly what a VPN does. You connect to the network and work already in it. If you do not see the names of computers on the network, then there may be other reasons for this, other than the settings of the router.
I know Mikrotik very well if you bother to ask clear questions and give clear answers , then I can help with any problem or point out ways to solve it.
I am attaching a network diagram, as it is done now:
What we want:
1) Remote access to all Mikrotiks (now only 192.168.5.2 #1) via VPN
2) Remote access to the local branch network (now through VPN and the first Mikrotik has access to local computers via IP, I would like that when connecting to a VPN, computers on the local network would be visible in the Network Neighborhood, since 16-18 more will be added to those computers that are now available this month)
Mikrotiki are connected like this:
The Internet comes to the first port from Nanostation, from the second port to the first port of Mikrotik No. 2, from port 3 to Mikrotik No. 3. The setup on the first Mikrotik is as follows:
All ports are combined into a bridge (the name of the LAN bridge), a DHCP server is raised, which distributes a pool of addresses 192.168.5.100-192.168.5.200, the "Allow Remote Requests" checkbox is checked in the IP-DNS menu, in Firewall - Nat there is one rule: Chain=srcnat , Out.Interface=LAN, Action=masquerade. There are two rules in the Filter Rules that allow access to port 1723 and 80, respectively, access via VPN and via Cloud on a web-face without a VPN connection.
On mikrtotic No. 2 and No. 3, all ports are combined into a bridge (the same name as LAN), the DHCP server is not raised on any of them, since it is raised on the first one.
So... now I've been climbing through the settings, I fixed the issue with remote access via LAN, but I don't know if this is correct or not:
It was before:
The IP address of Mikrotik No. 2 was specified in IP-Addresses - 192.168.5.3, No. 3 - 192.168.5.4
I deleted this entry, went into the IP-DHCP Client, Mikrotik received IPs, but from the pool 192.168.5.100-192.168.5.200, made them static for them and fixed them to 192.168.5.3 and 192.168.5.4, respectively. On Mikrotik No. 2 and No. 3, I made Renew for IPs, they got what they needed, the Internet immediately rose to them, and they started pinging like in LAN with a VPN connected, so if this setting is correct, question No. 1 is removed.
I hope I explained it better now, thanks :)
Sorry, but I personally don’t understand why you need these 3 Mikrotiks?
Okay 1, but why do 2a dead-end devices weigh in the bridge?
Bridge the 1C server port on the first Mikrotik...?
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question