How to set up MikroTik routing?

P

Pasha Ignatiev2018-11-12 15:58:19

Mikrotik

Pasha Ignatiev, 2018-11-12 15:58:19

3 microtic. Between them sstp, R1-server. There are routes from the NetWork1 network to NetWork2 and to NetWork3 on the R1 router (and the like on the others). Pings go from R1 to R2 and R3.
But.
R3 and NW3 are not pinged or seen from the NW2 network, and vice versa, R2 and NW2 are not pinged from NW3.
R1

/ppp secret
add local-address=10.253.0.1 name=sstp1 password=password remote-address=10.253.0.2
add local-address=10.253.0.1 name=sstp2 password=password remote-address=10.253.0.3
/interface sstp-server
add name=sstp-in1 user=sstp1
add name=sstp-in2 user=sstp2

R2

/interface sstp-client
add authentication=mschap2 connect-to=1.1.1.1:9443 disabled=no name=sstp-out1 password=password profile=default-encryption user=sstp1 verify-server-address-from-certificate=no
/ip route
add check-gateway=ping distance=10 dst-address=10.10.10.0/24 gateway=10.253.0.1

R3 - almost identical to R2 settings, adjusted for sstp login
What routes should be added to connect NW2, NW3, R2 and R3?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

Dmitry, 2018-11-12
@pafflootiy

The VPN server already knows the routes to all clients (but only clients, because route /32)
Clients know only about the VPN server (also /32 routes). In order for client routers to see each other, you need to specify on all clients the route to the VPN _network_ through the VPN server. And yes, what would work - the return route must exist.