I thought a bridge was required for PPP / profiles. If I leave that out, I have two interfaces in the same address space, and it was drummed into me that that was a no-no on the MikroTik...?
On Aug 5, 2014, at 3:05 AM, Scott Reed <[email protected]> wrote: > You don't need the bridge. Create the VPN with an inside address in his > address range. > When you log in, you have a address in his range, so effectively you are > "inside." > > On 8/4/2014 9:34 PM, Grand Avenue Broadband wrote: >> I have a neighborhood tower, hosted by a resident. The resident gets >> service over the POE cable, while his neighbors are wireless. >> >> All subscribers have static nonroutable IPs. All subscribers are limited to >> a contract speed. Each subscriber's speed is limited in his own Mikrotik >> CPE. Since the host has no CPE, I limit his speed by a simple queue on the >> ethernet port. >> >> The host's ethernet port is NATted to provide the host with a private >> address range for the devices inside his home, all the traffic from which >> shows up NATted to a particular subcriber-range nonroutable IP that >> identifies him. >> >> All fine so far. >> >> I need to set up a PPTP VPN so I can log into the router remotely for >> troubleshooting "as if I were" a device in the host's residence. To do >> this, I put the ethernet port into a bridge (moving the address and the DHCP >> server target appropriately), then create a PPTP VPN that attaches to that >> bridge and shares the host's DHCP pool. >> >> This all works, too, as far as function goes. >> >> What doesn't work at this point is the simple queue. If I leave the simple >> queue on the hardware interface, it limits the host's speed TO the network >> only. If I change the simple queue to the bridge instead of the interface, >> it limits the host's speed FROM the network only. >> >> If I create a simple queue on each, I can "make it work," but that >> "solution" strikes me as a kludge. What am I doing wrong? >> > > -- > Scott Reed > Owner > NewWays Networking, LLC > Wireless Networking > Network Design, Installation and Administration > Mikrotik Advanced Certified > www.nwwnet.net > (765) 855-1060 (765) 439-4253 Toll-free (855) 231-6239 > > > _______________________________________________ > Mikrotik mailing list > [email protected] > http://mail.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
