Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
J
J
JaHher2015-06-25 09:07:49
Mikrotik
JaHher, 2015-06-25 09:07:49

VPN MikroTik - how to split traffic?

Good afternoon, comrades.
The point is this:
There is a main microtic with white static (more precisely, it is not there yet, I think which one will be better). And there are many branches - more than 30, each also has microtics like RB750. The subnets in each branch are different.
I would like to raise a VPN with the main Mikrotik as a server, the rest of the Mikrotiks as clients. But I want not all traffic to go through the tunnel, but only from certain ip-addresses of the client's local network. Those. the main traffic also went through the provider, but only some ip addresses through the VPN. There is also an idea to let all http traffic through a proxy to a proxy server raised on the same main Mikrotik.
I ask for help in setting up and advice on the model of the main mikrotik.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
C
Cool Admin, 2015-06-25
@JaHher

Colleague, in general, you can set up tunnels and raise routing without any problems. Use l2tp (if the client side is gray) or GRE (if the client side is white addresses), plus IPSec encryption in transport mode. You make routes either static (but at 30+ this is something else), or raise OSPF (in general, this is simple).
To route individual clients or a particular type of traffic - just use separate routing tables and traffic markings in the mangle. No proxy will be needed in this case.
In more detail, then:
1. The tunnels were raised, the routes were set up.
2. Created a separate routing table, where the default gateway will be the address from the central mikrotik tunnel
3. We created a mangle mark route rule where in the criteria you select the traffic you need (either all or specific from a specific client \ protocol \ port) and in action you specify the same routing table. This action will send the marked traffic to the center, from where it will go outside through the provider in the center.

Report
B
bukass, 2015-06-25
@bukass

I ask for help in setting up and advice on the model of the main mikrotik.

Get routerOS and install on x86.

Report
A
Anton, 2015-06-25
@Largo1

in the general case, judging by your questions, this device will do: http://mikrotik.rf/katalog/oborudovanie_mikrotik/c...

Similar questions
K
kasimov-marat2022-02-01 13:01:02
How to unite a store and an office into a local network using Mikrotik equipment? 4Reply
H
HeroFromEarth2016-07-07 23:00:43
Firewall setup on home MikroTik? 2Reply
V
Victor2016-07-08 10:51:29
Why do vpn clients need a pool of addresses separate from the home network if I want to have access to the home network from the vpn client? 3Reply
A
Andrey2020-10-04 17:30:08
How to configure route or port forwarding through mikrotik and openvpn server? 1Reply
S
Stanislav2020-10-05 23:01:47
Redirecting tagged traffic from wan to lan port on mikrotik? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question