Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsLAN (ethernet/Wifi/routers/Bluetooth)Assistance - Mikrotik - L2TP\IPSec VPN Configuration (Please!)
Shindig

1587 posts

Uber Geek

Trusted

#282597 28-Feb-2021 13:53
Send private message

Hello there.

 

Would anyone be able to help me configure a L2TP IPSec VPN on a 'tik 4011.

 

I have attempted a couple of time, and at one point reset the router so I could start again.

 

Following a few tutorials to really try and understand. 

 

 

 

I gain a connection to the VPN from a Win10 laptop - tethered to a mobile phone
I gain an IP address and the DNS is set, but I can't access anything on the LAN with DNS names. 

 

To make it worst, the second time round, I know can't access anything local.

 

There doesn't appear to be that one definitive guide and the different toturials are written for different versions of the OS.

 

 

 

Anyone lend a hand please?

 

cheers




The little things make the biggest difference.

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
Dynamic
3869 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2665740 28-Feb-2021 14:18
Send private message

With the VPN connected, can you PING something on your LAN?  If yes, this would suggest you are 95% of the way there.

Maybe post a couple of images of your config?  IP addresses of the devices involved?




“Don't believe anything you read on the net. Except this. Well, including this, I suppose.” Douglas Adams

 

Referral links to services I use, really like, and may be rewarded if you sign up:
PocketSmith for budgeting and personal finance management.  A great Kiwi company.



Shindig

1587 posts

Uber Geek

Trusted

  #2665752 28-Feb-2021 14:38
Send private message

Would you be up for a screen share?

 

 




The little things make the biggest difference.

Shindig

1587 posts

Uber Geek

Trusted

  #2665764 28-Feb-2021 15:19
Send private message

OK, got a personal guide from a geekzoner over PM - thank you!

 

Just the DNS to sort now

 

When trying to ping my nas box hostname - i get the usual , can't find the host

 

 

 

I see DNS IP my local clients get is set correctly on the PPP adapter - also, I can browse the web?

 

 

 

any ideas? Feels like i'm close




The little things make the biggest difference.



Shindig

1587 posts

Uber Geek

Trusted

  #2665771 28-Feb-2021 15:56
Send private message

hmmm dns request timesout - as if it isn't getting there..




The little things make the biggest difference.

cyril7
9058 posts

Uber Geek

ID Verified
Trusted
Subscriber

  #2665773 28-Feb-2021 16:04
Send private message

Hi so what is the DNS record and what is that pointing to.

 

Cyril

Shindig

1587 posts

Uber Geek

Trusted

  #2665780 28-Feb-2021 16:16
Send private message

dns static record on the tik is 

 

 

 

jupiter pointing to 192.168.10.4

 

 

 

suffix is router.lan and I've added an entry of jupiter.router.lan as well

 

 




The little things make the biggest difference.

cyril7
9058 posts

Uber Geek

ID Verified
Trusted
Subscriber

  #2665785 28-Feb-2021 16:19
Send private message

And .10.4 is what exactly? and can you ping it over the vpn

 

Cyril

 
 
 
 

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.
Shindig

1587 posts

Uber Geek

Trusted

  #2665788 28-Feb-2021 16:26
Send private message

192.168.10.X is local IP range where all LAN devices are on

 

Ping to IP (10.4) works 

 

Tether win10 laptop - connected to VPN - tracert finds the device when using IP address




The little things make the biggest difference.

cyril7
9058 posts

Uber Geek

ID Verified
Trusted
Subscriber

  #2665791 28-Feb-2021 16:30
Send private message

Ummm, but what is it, what DNS functionality does it provide, is it possible it has been set to not respond to DNS requests from the VPN subnet, just trying to understand what it is.

 

Cyril

Shindig

1587 posts

Uber Geek

Trusted

  #2665793 28-Feb-2021 16:41
Send private message

10.4 is synology NAS drive

 

Tik router is 10.1 which handles DNS

 

VPN client - using 11.x subnet - gets a 10.1 DNS IP

 

Just tested - DNS is broken for both local and external (web browsing)- RATS!!!

 

NAT traversal is enabled on the IPSec profile

 

 




The little things make the biggest difference.

Spyware
3764 posts

Uber Geek

Lifetime subscriber

  #2665805 28-Feb-2021 16:55
Send private message

Allow Remote Requests




Spark Max Fibre using Mikrotik CCR1009-8G-1S-1S+, CRS125-24G-1S, Unifi UAP, U6-Pro, UAP-AC-M-Pro, Apple TV 4K (2022), Apple TV 4K (2017), iPad Air 1st gen, iPad Air 4th gen, iPhone 13, SkyNZ3151 (the white box). If it doesn't move then it's data cabled.

cyril7
9058 posts

Uber Geek

ID Verified
Trusted
Subscriber

  #2665819 28-Feb-2021 17:21
Send private message

Ahh, so just checking why have you got the DNS record for VPN clients set to point to the Syno, (which is what you orginally said 10.4) surely it should bt 10.1 the MT?

 

Cyril

MadEngineer
4298 posts

Uber Geek

Trusted

  #2665941 28-Feb-2021 22:01
Send private message

You need to turn on proxy arp




You're not on Atlantis anymore, Duncan Idaho.

OzoneNZ
102 posts

Master Geek

ID Verified

  #2665956 1-Mar-2021 01:03
Send private message

MadEngineer: You need to turn on proxy arp

 

 

 

Second this, I had issues with VPN traffic not passing until enabling proxy-arp on the LAN bridge interface 

Shindig

1587 posts

Uber Geek

Trusted

  #2665970 1-Mar-2021 07:44
Send private message

Let me check out this proxy arp! Thank you for the suggestion.




The little things make the biggest difference.

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00

eero Pro 7 Review
Posted 23-Jul-2025 12:07

BeeStation Plus Review
Posted 21-Jul-2025 14:21

eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01

WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32

RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26

Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24

Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05

Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01

Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01

Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22

Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46

Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42

D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34

Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







RSS feeds
Main feed
Forums feed
Copyright
©2002-2025 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Affiliate links
Samsung
AliExpress
Wise
Sharesies
GoodSync
Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright