I have a very basic setup, but am running into a small issue that I'm hoping has a simple solution.
I replaced a consumer grade Netgear router in my home with a RB450 with version 3.0 installed. It is acting as a nat router and firewall behind my comcast cable connection. I've got basic Nat setup using masquerade, and basic firewall filters only, and 4 Ethernet ports bridged with the last port set as the Wan port.
The problem is that I have 2 laptops that both connect to a Windows Vpn server offsite. With the netgear router there was no problem having both laptops connecting to the VPN server. However, since I've installed the Mikrotik router, I can't get both to connect at the same time. The first VPN connection has no problem, but when i try to connect the second VPN, it never gets beyond the 'verifying username and password' message. It doesn't matter which laptop, as it is only the first laptop to dial the VPN connection that will connect, and the second will be rejected.
I've seen previous posts with similar problems, but never a solution. Any ideas would be appreciated.
Re: Multiple PPTP clients behind MT firewall
RouterOS certainly can do this. Strangely enough I've always found the 'moms and pops' routers to have this limitation.
Anyway, just make sure the PPTP service port is enabled in the firewall. This is effectively a NAT helper.
Anyway, just make sure the PPTP service port is enabled in the firewall. This is effectively a NAT helper.
Re: Multiple PPTP clients behind MT firewall
That's what i would expect, that the MT router would be able to do it much easier, so I'm sure it's something simple in my setup.
I confirmed that the PPTP is enabled under service ports, and yet I still have the same issue. Not able to connect two VPN clients.
Any other ideas?
I confirmed that the PPTP is enabled under service ports, and yet I still have the same issue. Not able to connect two VPN clients.
Any other ideas?
Re: Multiple PPTP clients behind MT firewall
Post your masquerade rule.
-
-
nborisenkov
刚刚加入了
- Posts: 1
- 加入:
Re: Multiple PPTP clients behind MT firewall
Hello, I have the same problem.
Mikrotik CCR1036, RouterOS 6.34, Hotspot Server.
Hotspot clients trying to connect to PPTP servers.
vpn_client1 connects to the vpn_server1
vpn_client2 connects to the vpn_server2
All hotspot clients have the same external IP after NAT.
The first connection is excellent. pptv ip firewall service creates the necessary rules in conntrack. But during the second connection there is a problem with GRE packets. They come to the external IP address, but do not reach the internal client. And i do not see entries in conntrack for the second gre connection.
My masquerade rule:
Mikrotik CCR1036, RouterOS 6.34, Hotspot Server.
Hotspot clients trying to connect to PPTP servers.
vpn_client1 connects to the vpn_server1
vpn_client2 connects to the vpn_server2
All hotspot clients have the same external IP after NAT.
The first connection is excellent. pptv ip firewall service creates the necessary rules in conntrack. But during the second connection there is a problem with GRE packets. They come to the external IP address, but do not reach the internal client. And i do not see entries in conntrack for the second gre connection.
My masquerade rule:
Code:Select all
/ip firewall nat add action=masquerade chain=srcnat comment="default configuration" to-addresses=0.0.0.0