I'd assume the VPN server is assigning addresses from a pool.
Allowing access from that whole pool would be the simplest thing to do.
On 11/18/2019 10:34 PM, Jason McKemie wrote:
Yeah, I didn't give much information there. I did try out your first
theory and it seems to have been correct. What would be the easiest way to
map whatever address the VPN client currently has (assuming this can
change) to the address that is assigned via the VPN server?
Thanks for the suggestio
Input chain firewall rules vs forward chain firewall rules? Maybe
all the other routers are allowed to be reached from the L2TP IP in
the forward chain of the VPN concentrator Mikrotik but you didn't
allow the L2TP IP in the input chain of said Mikrotik?
Hard to generalize without knowing more.
...but chances are the VPN server masquerades traffic from the VPN
clients, so one difference might be that the VPN server will see your
client coming from his private IP, and the adjacent routers might see
the client coming from the VPN server's IP.
I'm having an issue wherein I'm trying to lock down winbox access on some
routers so that they are only accessible via VPN. The issue is that I'm
still not able to access the router that is acting as the VPN server;
adjacent routers work as expected, however. I assume this is
misconfiguration. Any
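
The input-chain and masquerade points raised in the replies, written out as a RouterOS sketch. This is an added example, not configuration posted by anyone in the thread; the pool range 10.10.10.0/24, the VPN server address 192.168.88.1, the list name vpn-clients and the profile name l2tp-profile are all assumed values.

```routeros
# Added example. Every address and name here is an assumption, not from the thread.
# Assumed: VPN pool 10.10.10.0/24, VPN server LAN-side address 192.168.88.1.

# --- On the router acting as the VPN server ---
# Winbox to the router itself is evaluated in chain=input, not chain=forward.
# The tunnel terminates here, so the source is the client's pool address.
/ip firewall address-list
add list=vpn-clients address=10.10.10.0/24 comment="whole VPN pool (assumed range)"

/ip firewall filter
add chain=input action=accept connection-state=established,related
add chain=input action=accept protocol=tcp dst-port=8291 \
    src-address-list=vpn-clients comment="winbox from VPN clients"
add chain=input action=drop protocol=tcp dst-port=8291 \
    comment="winbox from anywhere else"
# "add" appends to the end of the chain. If an existing input rule already
# drops this traffic, move the accept rules above it.

# Alternative to the static pool entry: let the PPP profile put each
# client's currently assigned address into the list while it is connected.
# (l2tp-profile is a hypothetical profile name.)
/ppp profile
set [find name=l2tp-profile] address-list=vpn-clients

# --- On an adjacent router ---
# If the VPN server masquerades client traffic, this router sees the
# VPN server's own address as the source, not the client's pool address.
/ip firewall filter
add chain=input action=accept protocol=tcp dst-port=8291 \
    src-address=192.168.88.1 comment="winbox via VPN server (masqueraded)"
add chain=input action=drop protocol=tcp dst-port=8291
```

Running `/ip firewall filter print stats` on the VPN server while attempting a Winbox connection shows which input rule the packets actually hit.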