This is an old revision of the document!


MikroTik

Two separate connections for two separate LANs with one RouterBoard

  1. Disconnect the bridge between etherX-*-local (Interface properties - remove the Master port).
  2. Mark the packets from LAN subnets (e.g. 192.168.10.0/24 and 192.168.20.0/24):
    /ip firewall mangle add action=mark-routing chain=prerouting \
        new-routing-mark=routing_mark_office src-address=192.168.10.0/24
    /ip firewall mangle add action=mark-routing chain=prerouting \
        new-routing-mark=routing_mark_guests src-address=192.168.20.0/24 
  3. Set up routing for packets marked with mangle:
    /ip route add gateway=ether1-wan1 routing-mark=routing_mark_office
    /ip route add gateway=ether2-wan2 routing-mark=routing_mark_guests 

    Note: Gateway can also be a PPPoE connection (in case of DSL).

  4. Set up masquerade for the second WAN interface (assuming that masquerade was set up only for ether1-wan1).
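
Step 4 written out as commands, together with forward rules that keep the two subnets from reaching each other through the router, and the checks to run afterwards. This is an added example, not part of the original page; it assumes RouterOS v6 syntax and reuses the interface names, subnets and routing marks from the steps above, while the rule comments are made up for illustration.

```routeros
# Added example, not from the original page. RouterOS v6 syntax.
# Interface names, subnets and routing marks are the ones used in steps 2-3.

# Step 4: source-NAT everything that leaves through the second uplink.
/ip firewall nat add chain=srcnat out-interface=ether2-wan2 action=masquerade \
    comment="masquerade via wan2"

# Removing the master port separates the ports at layer 2 only. The router
# still has an address in both subnets, so drop forwarded traffic between
# them explicitly. Rule order matters: "add" appends to the end of the chain,
# so move these above any broader accept rule in the forward chain.
/ip firewall filter add chain=forward src-address=192.168.20.0/24 \
    dst-address=192.168.10.0/24 action=drop comment="guests to office"
/ip firewall filter add chain=forward src-address=192.168.10.0/24 \
    dst-address=192.168.20.0/24 action=drop comment="office to guests"

# Checks, run after generating some traffic from a host in each LAN.
# Both mark-routing rules should show growing packet counters:
/ip firewall mangle print stats
# Each routing mark should have exactly one active route via its own uplink:
/ip route print detail where routing-mark=routing_mark_office
/ip route print detail where routing-mark=routing_mark_guests
# The wan2 masquerade rule should count packets from the guest subnet:
/ip firewall nat print stats
# The two drop rules should count any cross-LAN attempts:
/ip firewall filter print stats
```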

PPP VPN

  1. PPP > Profile > Add
    1. Name
    2. Local address: local IP of the router
    3. Remote address: pool from which the remote clients will get IP addresses
    4. DNS server: optional?
    5. Protocols > Use Encryption: Yes
  2. PPP > PPTP Server (button)
    1. Enabled
    2. Default profile: our newly created profile
  3. PPP > Secrets
    1. Name: someusername
    2. Password: somepassword
    3. Service: PPTP
    4. Profile: our newly created profile
  4. In Firewall, allow:
    1. 1752/TCP
    2. 47/IP (GRE)
  5. On LAN interface, allow:
    1. ARP: proxy-arp
    2. Note: if bridged, then do this on the bridge instead of LAN interface.
mikrotik.1437654693.txt.gz · Last modified: 2022/03/16 09:38 (external edit)