We have several “network-to-network” L2TP w/IPSEC VPNs for the purpose of
management (not end user traffic) and they present like any other link for the
purposes of routing. If you only need to initiate connections from one end of
the tunnel (I.e. from management stations to devices across the tunnel), you
can simply masquerade it at the end that initiates the connections and all the
management traffic will come from an IP known to the other network (if your VPN
terminates at the other network’s gateway of last resort). If you need traffic
to go both ways, initiated from either end, then you can turn on OSPF on both
ends and just redistribute static from the static end. Of course, make sure
there are. Overlapping prefixes.
From: mikrotik-users-boun...@wispa.org <mikrotik-users-boun...@wispa.org> on
behalf of David McCullough via Mikrotik-users <email@example.com>
Sent: Monday, March 12, 2018 7:28:00 AM
Subject: [Mikrotik Users] Site-to-Site VPN
We are expanding into a new market, which will extend our service base. This
new market currently has a fiber drain and we will be connecting these two
markets onto a single network in the coming months. In the mean time we need to
implement a site-to-site VPN so that we can monitor the new markets equipment,
migrate to our DHCP server, etc.
Both networks are utilizing MikroTik equipment. Our network is utilizing OSPF,
while the new market just has static routes. We are looking at the various
options to integrate the site-to-site VPN. We are thinking to implement L2TP.
Will L2TP provide any routing? Will we need to enable GRE? Should we just add
static routes, since it’s temporary.
Hill Country Wireless & Technology
Mikrotik-users mailing list