So with Brian's "pressure" on me (HI) I
think I have found the problem ... it is the tunnel keep alive,
and now the questions:
1) Is it necessary to turn it on?
2) Why does this use the source address of amprGW and the
destination of my local address? Maybe it's a bug in the MikroTik tunnel? What
protocol does keep alive use? Is there anyone else here with a MikroTik who has a keep alive
open and knows if he gets the same errors from AMPGW?
Yes, that is probably the reason. You should simply turn it off.
The tunnel keep alive packets are tunneled packets with source and destination address
swapped.
There is no standard for this, but it is a method used by other manufacturers as well.
Apparently the expectation is that the remote end of the tunnel will just route the
packets and return them on the same tunnel, just like a ping.
However, in your case one of the addresses is a 192.168 (RFC1918) address. Likely you are
running your MikroTik behind another router that does NAT. That is not a good idea, you should
try to get the real internet address on the MikroTik. With some ISPs it may be difficult because
the use of the provided router is mandatory and it cannot be put in transparent mode.
Setting "DMZ mode" in the router often causes additional problems.
Rob
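
The keep-alive behaviour described in the reply above, as an added example that is not part of the original thread: a Python classifier that looks at a packet as it arrives at the far tunnel endpoint and tells a returnable keep-alive from one built behind NAT. It assumes an IP-in-IP tunnel (IP protocol 4); the addresses, the inner protocol number and all function names are constructed for illustration.

```python
import ipaddress
import struct

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IPPROTO_IPIP = 4          # assumption: the tunnel is plain IP-in-IP
GW = "198.51.100.1"       # constructed placeholder for the gateway address
PUBLIC = "203.0.113.10"   # constructed public address of the NAT router
LAN = "192.168.1.2"       # constructed private address of the tunnel router

def ipv4(src, dst, proto, payload=b""):
    """Build a minimal IPv4 packet (checksum left 0; constructed test data)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr + payload

def parse_ipv4(buf):
    """Return (src, dst, proto, payload); raise ValueError on a bad header."""
    if len(buf) < 20 or buf[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (buf[0] & 0x0F) * 4
    if ihl < 20 or len(buf) < ihl:
        raise ValueError("bad IPv4 header length")
    return (ipaddress.IPv4Address(buf[12:16]),
            ipaddress.IPv4Address(buf[16:20]), buf[9], buf[ihl:])

def classify(packet):
    """Classify a packet as seen arriving at the far tunnel endpoint."""
    o_src, o_dst, proto, inner = parse_ipv4(packet)
    if proto != IPPROTO_IPIP:
        return "not-tunneled"
    try:
        i_src, i_dst, _, _ = parse_ipv4(inner)
    except ValueError:
        return "malformed-inner"
    if i_src != o_dst:            # inner source is not this endpoint
        return "tunneled-traffic"
    if i_dst == o_src:            # swapped addresses: can go back down the tunnel
        return "keepalive-returnable"
    if any(i_dst in net for net in RFC1918):
        return "keepalive-behind-nat"   # inner destination is the pre-NAT address
    return "keepalive-mismatch"

# Inner protocol 253 (experimental) is a placeholder; the thread does not name it.
DIRECT = ipv4(PUBLIC, GW, IPPROTO_IPIP, ipv4(GW, PUBLIC, 253))
NATTED = ipv4(PUBLIC, GW, IPPROTO_IPIP, ipv4(GW, LAN, 253))
```
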