E
E
Evgeny Vorobyov2021-01-06 12:11:05
openvpn
Evgeny Vorobyov, 2021-01-06 12:11:05

Why doesn't marking packets for sending via another route to Mikrotik via OpenVPN work?

Hi all!
Mikrotik is configured with an ovpn client (ovpn-out1)
/ip firewall address-list add address=8.8.8.8 list=through_vpn
/ip firewall mangle add action=mark-routing chain=prerouting dst-address-list=through_vpn in-interface=bridge1 new-routing-mark=through_vpn passthrough=yes
/ip route add distance=1 gateway=ovpn-out1 routing-mark=through_vpn
/ip firewall nat add action=masquerade chain=srcnat out-interface=ovpn-out1 Tracing

since Mikrotik 8.8 .8.8 - packets go in the usual way.
If I create a route manually through ovpn-out1 to the address 8.8.8.8 - everything goes through vpn (that is, the gateway is working there).
And if you enable logging on the mangle rule, there is nothing in the logs.
Can you suggest why?

In this case, 8.8.8.8 is for the test.

Answer the question

In order to leave comments, you need to log in

1 answer(s)
N
nApoBo3, 2021-01-06
@nApoBo3

Because you have it in the mangle in interface. This is for forward traffic, and from mikrotik itself you have output traffic.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question