How to forward GRE protocol 47 on Mikrotik router?

vpn mikrotik-routeros
10,718

GRE protocol on its own is not enough.

Depending on which type of VPN service you are using you'll have to port forward some other TCP or UDP ports.

For PPTP for example you need to forward port 1723 TCP.

For L2TP you need to forward port 1701 UDP.

For OpenVPN you need to forward port 1194 UDP+TCP (OpenVPN does not use GRE).

Here is a port forwarding example to use: http://wiki.mikrotik.com/wiki/Manual:Initial_Configuration#Port_forwarding

Port forwarding

To make services on local servers/hosts available to general public it is possible to forward ports from outside to inside your NATed network, that is done from /ip firewall nat menu. For example, to make possible for remote helpdesk to connect to your desktop and guide you, make your local file cache available for you when not at location etc. Static configuration

A lot of users prefer to configure these rules statically, to have more control over what service is reachable from outside and what is not. This also has to be used when service you are using does not support dynamic configuration.

Following rule will forward all connections to port 22 on the router external ip address to port 86 on your local host with set IP address:

if you require other services to be accessible you can change protocol as required, but usually services are running TCP and dst-port. If change of port is not required, eg. remote service is 22 and local is also 22, then to-ports can be left unset.

Comparable command line command:

 /ip firewall nat add chain=dstnat dst-address=172.16.88.67
 protocol=tcp dst-port=22 \  action=dst-nat to-address=192.168.88.22
 to-ports=86
Share:
10,718

Related videos on Youtube

sza
Author by

sza

Updated on September 18, 2022

Comments

  • sza
    sza over 1 year

    I'm new to Mikrotik routers. I'm using mine with Webfig 6.10.

    I would like to use a TP-Link router as a VPN server behind the Mikrotik router, and as I read, I have to forward GRE protocol 47 for this.

    I tried many solutions I found online but nothing worked so far.

    How should I set up the rule correctly?

    Thanks in advance!

  • sza
    sza over 8 years
    It's PPTP (with DD WRT on router), and port forwarding is set up correctly. Only the GRE 47 is missing, and I can't find a working "preset" rule, or guide how to allow it.
  • Cha0s
    Cha0s over 8 years
    Post your configuration. /export

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Mikrotik Firewall rule: block all connection except to VPN server
Limit access to specific host in my network over VPN in Mikrotik
Which free VPN providers support Ubuntu?
Can I VPN connect to my work using Windows 8?
Cisco VPN Client automatic login
Connect to http server behind vpn with java
Change IP address in selenium
Is it possible to setup a VPN on Heroku?
Pre-configured EC2 VPN AMI
Getting a certificate from an https site