We have several “network-to-network” L2TP w/IPSEC VPNs for the purpose of 
management (not end user traffic) and they present like any other link for the 
purposes of routing. If you only need to initiate connections from one end of 
the tunnel (I.e. from management stations to devices across the tunnel), you 
can simply masquerade it at the end that initiates the connections and all the 
management traffic will come from an IP known to the other network (if your VPN 
terminates at the other network’s gateway of last resort). If you need traffic 
to go both ways, initiated from either end, then you can turn on OSPF on both 
ends and just redistribute static from the static end. Of course, make sure 
there are. Overlapping prefixes.

From: mikrotik-users-boun...@wispa.org <mikrotik-users-boun...@wispa.org> on 
behalf of David McCullough via Mikrotik-users <mikrotik-users@wispa.org>
Sent: Monday, March 12, 2018 7:28:00 AM
To: Mikrotik-users@wispa.org
Subject: [Mikrotik Users] Site-to-Site VPN

We are expanding into a new market, which will extend our service base. This 
new market currently has a fiber drain and we will be connecting these two 
markets onto a single network in the coming months. In the mean time we need to 
implement a site-to-site VPN so that we can monitor the new markets equipment, 
migrate to our DHCP server, etc.

Both networks are utilizing MikroTik equipment. Our network is utilizing OSPF, 
while the new market just has static routes. We are looking at the various 
options to integrate the site-to-site VPN. We are thinking to implement L2TP. 
Will L2TP provide any routing? Will we need to enable GRE? Should we just add 
static routes, since it’s temporary.


David McCullough
Hill Country Wireless & Technology
830.225.1465 (o)
830.309.0473 (c)

Mikrotik-users mailing list

Reply via email to