How to set up connection to servers on aruba in Mikrotik vpn?
Good day.
For obvious reasons, a foreign VPN was needed. I paid attention to the aruba service.
I set everything up according to the manual - https://www.iphones.ru/iNotes/799076
It connects from Windows, traffic goes through the Czech Republic. Everything is great.
Since everything works, I decided to transfer the VPN connection to the shoulders of the RB951G-2HnD router.
The router has an address of 192.168.1.1
An L2TP Client connection is created in the Interface. Specified the server, login, password, ipsec. Add Default Route enabled/disabled. Judging by the status, the connection is being established, but the traffic is still passing by.
I add a rule to NAT
action=masquerade chain=srcnat out-interface=l2tp-out1. Just in case, I put the rule first. Still no activity.
I don't understand why the solution from Maxim didn't work.
I took slightly different steps (from an article on the Internet) and it worked.
Add an IP that needs to be passed through the tunnel
/ip firewall address-list add address=178.63.151.224 list=vpn
Add NAT through the VPN connection, add another default route through the l2tp-out1 interface (the name of your connection) for packets marked vpn, and add the rule that marks packets destined for IP addresses from the vpn list:
/ip firewall nat add action=masquerade chain=srcnat out-interface=l2tp-out1
/ip firewall mangle add action=mark-routing chain=prerouting dst-address-list=vpn new-routing-mark=vpn passthrough=no
/ip route add dst-address=0.0.0.0/0 gateway=l2tp-out1 routing-mark=vpn
Tools > Ping: from there, see if the channel is working or not, and also, as an option, set 0.0.0.0/0 eth1 distance 2 (well, this is not 100%).
See the article https://habr.com/post/337426/
Good comment from AcidVenom 09/10/17 at 23:36
This marks the connection
/ip firewall mangle add chain=prerouting src-address=192.168.0.0/24 dst-address-list=AnotherGWList action=mark-routing new-routing-mark=AnotherGWRoute
This is the route for tagged
/ip route add distance=1 routing-mark=AnotherGWRoute gateway=*your_GW*
Well, this is the resource to be routed through the desired gateway.
/ip firewall address-list add address=linkedin.com list=AnotherGWList
Next, simply add the desired resource to the address lists named AnotherGWList.
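Added example, not part of any answer in this thread: the rules above only steer traffic into the tunnel when the address list, the routing mark and the tunnel interface name agree across the address-list, mangle, route and NAT lines, so this Python check cross-references them in a pasted config. It assumes RouterOS v6 `routing-mark` syntax and an interface name as the route gateway, as in the thread; `check` and `SAMPLE` are hypothetical names, and the sample config is constructed.

```python
import shlex

# Constructed sample (RouterOS v6 syntax, as used in this thread): the NAT rule
# names an interface that the marked route does not use.
SAMPLE = """\
/ip firewall address-list add address=178.63.151.224 list=vpn
/ip firewall nat add action=masquerade chain=srcnat out-interface=vpn-usa
/ip firewall mangle add action=mark-routing chain=prerouting dst-address-list=vpn new-routing-mark=vpn passthrough=no
/ip route add dst-address=0.0.0.0/0 gateway=l2tp-out1 routing-mark=vpn
"""

def check(config):
    """Return a list of findings; an empty list means the names line up."""
    findings, lists, marks, routes, nat_ifaces = [], set(), {}, {}, set()
    for n, line in enumerate(config.splitlines(), 1):
        menu, sep, rest = line.strip().partition(" add ")
        if not sep:
            continue  # not an "add" command
        params, bad = {}, []
        for tok in shlex.split(rest):
            key, eq, val = tok.partition("=")
            if key and eq and val:
                params[key] = val
            else:
                bad.append(tok)  # e.g. "action =mark-routing" splits in two
        if bad:
            findings.append(f"line {n}: stray space around '=' near {bad[0]!r}")
        if menu == "/ip firewall address-list":
            lists.add(params.get("list"))
        elif menu == "/ip firewall mangle" and params.get("action") == "mark-routing":
            marks[params.get("new-routing-mark")] = params.get("dst-address-list")
        elif menu == "/ip route" and "routing-mark" in params:
            routes[params["routing-mark"]] = params.get("gateway")
        elif menu == "/ip firewall nat" and params.get("action") == "masquerade":
            nat_ifaces.add(params.get("out-interface"))
    for mark, addr_list in marks.items():
        if addr_list and addr_list not in lists:
            findings.append(f"address list {addr_list!r} is matched but never populated")
        if mark not in routes:
            findings.append(f"routing mark {mark!r} has no route")
        elif routes[mark] not in nat_ifaces:
            findings.append(f"no masquerade on {routes[mark]!r}, gateway for mark {mark!r}")
    return findings

if __name__ == "__main__":
    for finding in check(SAMPLE):
        print(finding)
```

An empty result only means the names are consistent; whether marked traffic actually leaves through the tunnel still has to be confirmed on the router.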