Mikrotik PPPOE Routing - mikrotik

I have setup PPPOE Server successfully in Mikrotik. All is Good. I am able to give out public ips to clients over PPPOE. But I have some issues. For example I have 2 clients with public ips that would want to be able to connect to each other this is not working. Both public ips cannot reach each other.
Client 1
Local IP Remote IP
a.a.a.a b.b.b.b
Client 2
a.a.a.b b.b.b.b
Is there a way for these two IPs talk to each other?

Although its a very old question.
Answer:
1. Both the clients will be connected using ppp link to the pppoe server.
2. Enabled ipv4/ipv6 routing the pppoe server, if it's linux you need to enabled ip forwarding.
The above is logical answer, I haven't tried it myself.

Related

access to relay boards via VPN

I have a few 'smart' relay boards on different sites. These boards have a ethernet connection and are running a built-in web server on TCP 8080. I can access them from the local network and control them via a browser.
To control these boards remotely, I could assign them a fixed local IP address, open TCP port 8080 on my router and forward it to that address. But this is a risky thing to do, off course.
And I would have to do this on the different routers (from different IPSs) on each site and keep track of all these public IP addresses. (Via a dyndns service. Most routers are not VPN-enabled, afaik.)
Is there a better way using VPN-tunnels? I already have a Linux VPS running for other purposes and could install a Raspberry Pi on each location. All these Raspi's could connect to my VPS. And I would no longer need the dyndns.
Maybe, I could also find a way to map the URLs for the different relay boards to a more human-friendly form. Like this: http://myvps.domain.com/site2/relayboard3
How can I achieve this? I could install OpenVPN on the VPS server and the Raspberry Pi's (one for each site). But how do I have to configure this? VPS in the role as VPN server and Raspi's as VPN clients?
(I assume the gateway address from the relay boards has to change to the local address from the Raspberry.)
And do I need a VPN client om my Android phone to be able to browse to the relay boards or not?
What do I need to forward the http connections to the correct relay board? A proxy server?

forward vpn network to another interface

I have an RB750 with the follow setup:
- Interface 1 = WAN static IP
- Interface 2 = Static IP from a LAN network (LAN provided by another FW)
- MK as a IPSec/L2TP working well providing to clients the subnet x.x.x.x
I would like to redirect all traffic from VPN clients to the LAN network provided in Interface 2.
I mean; User setup in his computer the VPN with success, when connected they need to access the server z.z.z.z located inside the network provided in Interface 2.
Any ideas how to configure it?
You provide not much information, but if im not wrong
you can try NAT for example
/ip firewall nat add chain=srcnat action=masquerade out-interface="your Interface 2" src-address="your l2tp subnet x.x.x.x"

Local IP address of an incoming connection in Socket IO - (behind a router)

I'm interested in differentiating connections coming from the same PC.
socket.request.connection.remoteAddress; works perfectly for me on 1.0.4 to give me the public IP, but it will run into trouble when people are behind routers
For public ip - Get the client's IP address in socket.io
You have to use a combination of remote IP and remote Port to differentiate connections. If multiple connections come from behind the same router, your server would see them having the same public IP from the router, but they would be using different ports.

Access a local machine form outside the LAN

Is there a way to access a machine from outside the LAN without port forwarding?
I have two scenarios in my current setup port forwarding is complicating:
I have two FTP servers on the same router I want to access from outside
I want to Remote Control/Access files on Windows computers on the network
Right now, the first option is possible, but it needs reconfiguring the router, while other one seems impossible outside the LAN.
Is there something like [global IP address]/[machine name] or [global IP address]/[Local IP address]?
We need more information. Are these addresses IPv4 RFC 1918 addresses, publicly routed addresses, or IPv6?
If they are in the RFC1918 (10.x.x.x, 172.16.x.x, 192.168.x.x) address space then, simply no. Those addresses are not publicly routed and therefore must be translated to a non-RFC 1918 address.
Otherwise, yes, you can.
If your servers should be available to the public - the answer will be "no".
If you plan to give a limited number of users (for example, only you) access to this servers then you have some options:
Use SSH tunnels with, for example, PuTTY and set up a Forwarding for each service you want to expose to your computer and access it over localhost:port.
localhost:21001 --> 192.168.1.3:21 (FTP1)
localhost:21002 --> 192.168.1.4:21 (FTP2)
Advantage: you can setup your "port-forwardings" at clinet-side
Disadvantage: you need a router or another computer running the SSH server
Use a VPN (for example, OpenVPN, PPTP, etc.) to get access to your LAN from outside. Then you can act like you are in your LAN.
Advantages:
easy to use if setup properly
you can use almost every protocol
Disadvantage: Need to setup VPN Service/Gateway

To use servers behind firewall for boinc for public welfare

I have join boinc for public welfare.
I have 7 servers with 4 cores behind firewall which is not in using currently and may be empty for one year or life.Because no one care for the project which use these servers. So I want to use them to contribute for public welfare with boinc.
The problem is that none of these server can access internet and boinc need to download tasks and upload result by internet. The good news is that 2 of these servers can be accessed by internet in one way.
Because the port of 80 can be accessed by internet, so I think if I can use some software to be a proxy which listen in port 80, use an income connection to transfer info between boinc and public welfare project servers.
Thank you.
I have downloaded a socks proxy source code of JAVA. And then I modified it as two projects. One act as a proxy( named proxy-A) in an server which can access internet. Another act as a proxy(named proxy-B) in the server behind firewall.
The procedure is:
1. Proxy-A connect to the proxy-B and keep the connection.
2. The servers behind firewall connect to proxy-B by socks protocal.
3. proxy-B request proxy-A to begin a new connection to proxy-B by the connection in procedure 1.
4. proxy-A connect to proxy-B.
5. proxy-B send the request to proxy-A.
6. proxy-A connect to server on internet and retrieve the information.
7. proxy-A send the information to proxy-B.
8. proxy-B send the result to the servers behind firewall.

Resources