VPN
Nikita, 2020-02-24 17:44:41

How to make access to subnets of branches through VPN?

First, I'll tell you how it all works.

There is a central office subnet 172.16.34.0/24, and there are branch subnets: 192.168.200.0/24 (Branch 1) and 192.168.244.0/24 (Branch 2). The branch Mikrotiks are connected to the central Mikrotik via L2TP. The central Mikrotik address is 172.16.34.1, while the branch addresses are 192.168.200.1 and 192.168.244.1, respectively.

A PPTP server has been set up on the central Mikrotik, which issues IP addresses to PPTP clients from the 192.168.111.0/24 subnet.

When I connect to the central Mikrotik from home (Linux), the branch subnets are not available. I see only the subnet of the central office. I tried to configure routes on my home computer with route add commands, but I still can't reach the branches.

How can I see the branch subnets from my home PC via VPN (PPTP)? The route table on my home computer (Linux) is now:

172.16.34.0/24 via 172.16.34.1 dev ppp0 proto static metric 1 
172.16.34.1 dev ppp0 proto static scope link metric 1
192.168.200.0/24 via 172.16.34.1  dev ppp0
192.168.244.0/24 via 172.16.34.1  dev ppp0


Routes are registered on all Mikrotiks. The central one sees the branch offices, and the branch offices see the central one.

What could be the problem? How do I write the route correctly?


4 answer(s)
Wexter, 2020-02-24
@Wexter

Your branches and server must also have a route to your network, or source NAT on the server.
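Both halves of that advice in RouterOS v6 command syntax, as an added example that is not part of the original answers. The PPTP client pool 192.168.111.0/24 comes from the question; the tunnel addresses are assumptions, because the page does not give them: 10.255.255.1 for the central router's L2TP-server side and 10.255.255.11 / 10.255.255.12 for Branch 1 / Branch 2. Apply either Option A on the branches or Option B on the central router, not both.

```routeros
# --- Option A: return route on each branch router ---
# The branch only needs to know that replies to PPTP home clients go back through the tunnel.
# 10.255.255.1 is the assumed tunnel address of the central office side.
# Run the same command on Branch 1 (192.168.200.0/24) and Branch 2 (192.168.244.0/24).
/ip route
add dst-address=192.168.111.0/24 gateway=10.255.255.1 distance=1 comment="return path for PPTP home clients via central office"

# --- Option B: source NAT on the central router instead ---
# Traffic from the PPTP pool towards a branch LAN leaves the central router with its own tunnel
# address as source, which the branches can already reach, so no extra branch route is needed.
/ip firewall nat
add chain=srcnat src-address=192.168.111.0/24 dst-address=192.168.200.0/24 action=masquerade comment="PPTP clients -> Branch 1"
add chain=srcnat src-address=192.168.111.0/24 dst-address=192.168.244.0/24 action=masquerade comment="PPTP clients -> Branch 2"

# --- Check from the central router ---
# Confirm the central router itself has a path to each branch LAN (192.168.200.10 is an assumed branch host).
/ip route print where dst-address="192.168.200.0/24"
/tool traceroute 192.168.200.10 src-address=10.255.255.1
```

Option A keeps the real client address (192.168.111.x) visible in the branch routers' firewall logs, which is the better choice when you want per-user traceability; Option B hides every home client behind 10.255.255.1, so branch-side logs can no longer tell them apart.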

Alexey Dmitriev, 2020-02-24
@SignFinder

Use the traceroute command to find out where your problem is.
And keep in mind that all hosts on the remote subnets must either have their office Mikrotiks as default gateways, with all routes to all remote subnets registered on the Mikrotiks, or each remote host must have static routes to all remote networks.

Ruslan-Strannik, 2020-02-25
@Ruslan-Strannik

Write the IP of the remote L2TP branch and its network in the secret. Example in the spoiler.

(spoiler image: 5e54c35526b30903023637.jpeg)

(Local address is the address of the head router. You can register it right away; I have it registered in the PPTP profile.)
In this way the route to the branch will appear automatically on the head router.
Traffic between these networks must be allowed by the firewall.
On the branch routers you only need 3 things:
1. Set up the L2TP connection.
2. Route:
/ip route add distance=1 dst-address=172.16.34.0/24 gateway=192.168.200.2
3. Allow access to the network in the firewall.
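The same setup written out for both ends in RouterOS v6 command syntax, as an added example that is not from the original answer or its spoiler image. Subnets come from the question. The tunnel addresses are assumptions (10.255.255.1 for the central office side, 10.255.255.11 and 10.255.255.12 for the branches; the answer above uses 192.168.200.2 as its gateway instead), and CENTRAL_PUBLIC_IP and CHANGE_ME are placeholders for values the page does not contain.

```routeros
# ===== Central office Mikrotik (L2TP server side) =====
# One secret per branch. The "routes" field is installed in the routing table only while that
# client is connected, so the central router learns the branch LAN automatically (format:
# "dst-address gateway metric"). local-address is the head router's tunnel address.
/ppp secret
add name=branch1 password=CHANGE_ME service=l2tp local-address=10.255.255.1 remote-address=10.255.255.11 routes="192.168.200.0/24 10.255.255.11 1"
add name=branch2 password=CHANGE_ME service=l2tp local-address=10.255.255.1 remote-address=10.255.255.12 routes="192.168.244.0/24 10.255.255.12 1"

# Check after a branch connects: the dynamic route should be listed.
/ip route print where dst-address="192.168.200.0/24"

# ===== Branch 1 Mikrotik (L2TP client side): the three things from the answer =====
# 1. L2TP connection. No default route through the tunnel, only the office subnet goes that way.
/interface l2tp-client
add name=l2tp-central connect-to=CENTRAL_PUBLIC_IP user=branch1 password=CHANGE_ME add-default-route=no disabled=no

# 2. Route to the central office LAN through the tunnel.
/ip route
add dst-address=172.16.34.0/24 gateway=10.255.255.1 distance=1 comment="central office via L2TP"

# 3. Firewall: let the branch LAN and the central LAN forward to each other.
#    place-before=0 puts the rules at the top of the forward chain, above any generic drop rule.
/ip firewall filter
add chain=forward src-address=192.168.200.0/24 dst-address=172.16.34.0/24 action=accept place-before=0 comment="Branch 1 -> central"
add chain=forward src-address=172.16.34.0/24 dst-address=192.168.200.0/24 action=accept place-before=0 comment="central -> Branch 1"
```

Branch 2 is configured the same way with its own secret name, 192.168.244.0/24 as its LAN and 10.255.255.12 as its tunnel address. Keeping the accept rules narrowed to the two subnets, rather than accepting everything arriving on the tunnel interface, means a host that reaches the tunnel from elsewhere still hits the drop rules.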

alex911k, 2020-02-25
@alex911k

I would configure OSPF instead, then redistribute the routes through RIP and hand them to the tunnel (the home connection). There is a RIP listener for Windows; for Linux there should theoretically be one too. There was a good talk on this topic: https://www.youtube.com/watch?v=p9_9fumNDYM
The implementation is described in more detail there.
