
I am on an education network where the content is unfiltered but the volume of traffic to the Internet is limited (unlimited within the EDU network). This restriction applies only to office computers but not the home computers. I have set up an L2TP VPN server at home to bypass this restriction.

I now want to set up a wireless router at the office, which shares the PC's VPN'ed connection to phones etc. (my PC has two NICs, but no Wi-Fi card).

My current attempt is:

  1. Connect the 1st NIC (namely "Eth Master") to the office network (IP address 10.13.x.x)
  2. Dial VPN to home (IP address 10.7.x.x)
  3. Note: The VPN server at home is set up on a MikroTik; the router gateway is 192.168.0.1 and the VPN gateway is 192.168.10.100 (DHCP 192.168.10.101-192.168.10.150)
  4. Tested on the PC and all network traffic is routed as expected.
  5. Now, connect the router to the 2nd NIC (namely "Eth Slave") on the PC, set the router to Bridge mode
  6. Use Windows ICS to share the VPN connection to Eth Slave with default options (it gave the IP address 192.168.137.1, subnet mask 255.255.255.0, gateway 0.0.0.0)
  7. Now check the router has IP address 192.168.137.218 (well, it may not matter)
  8. Connect another computer to the router, and the IP address assigned was 192.168.137.239, subnet mask 255.255.255.0, gateway 192.168.137.1

However, this computer cannot access the Internet, not even by pinging IP addresses directly.

I tried to ping a few IP addresses and here are the results:

  • 192.168.137.1 - OK
  • 192.168.137.218 - OK
  • 192.168.10.150 - Fail (Local IP of VPN connection)
  • 192.168.10.100 - Fail (Gateway IP of VPN connection)
  • 10.13.x.x - Fail (Eth Master)
  • 10.7.x.x - Fail (Home)

I also tried other IP addresses within the Edu network and 8.8.8.8 etc.; none of them works. traceroute has no successful hops at all.

I suspect the problem is the routing from the Eth Slave to the VPN on the PC. The route table is as follows (no manual entries anyway):

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      10.13.xxx.1     10.13.xxx.xx   4516
          0.0.0.0          0.0.0.0         On-link    192.168.10.150     36
          0.0.0.0          0.0.0.0         On-link     192.168.137.1   4516
       10.7.xx.xx  255.255.255.255      10.13.xxx.1     10.13.xxx.xx   4261
      10.13.xxx.0  255.255.255.128         On-link      10.13.xxx.xx   4516
     10.13.xxx.xx  255.255.255.255         On-link      10.13.xxx.xx   4516
    10.13.xxx.xxx  255.255.255.255         On-link      10.13.xxx.xx   4516
        127.0.0.0        255.0.0.0         On-link         127.0.0.1   4556
        127.0.0.1  255.255.255.255         On-link         127.0.0.1   4556
  127.255.255.255  255.255.255.255         On-link         127.0.0.1   4556
   192.168.10.150  255.255.255.255         On-link    192.168.10.150    291
    192.168.137.0    255.255.255.0         On-link     192.168.137.1   4516
    192.168.137.1  255.255.255.255         On-link     192.168.137.1   4516
  192.168.137.255  255.255.255.255         On-link     192.168.137.1   4516
        224.0.0.0        240.0.0.0         On-link         127.0.0.1   4556
        224.0.0.0        240.0.0.0         On-link      10.13.xxx.xx   4516
        224.0.0.0        240.0.0.0         On-link     192.168.137.1   4516
        224.0.0.0        240.0.0.0         On-link    192.168.10.150     36
  255.255.255.255  255.255.255.255         On-link         127.0.0.1   4556
  255.255.255.255  255.255.255.255         On-link      10.13.xxx.xx   4516
  255.255.255.255  255.255.255.255         On-link     192.168.137.1   4516
  255.255.255.255  255.255.255.255         On-link    192.168.10.150    291
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0      10.13.xxx.1  Default
          0.0.0.0          0.0.0.0    192.168.137.1  Default
===========================================================================

What can I do to resolve this issue and allow computers and phones connected to the router to access the network?

Tide Gu

0 Answers