My first first post.. please be kind & help me:
Background:
I have two Mikrotik Routers and connected with IPsec VPN with IKEY2 certificate. Both are 12000 kms away.
Home A :
Router : RB4011iGS+
firmware : v6.49.10
Internet : Dynamic public IP - but stays same for months unless I turn off modem for 3 - 4 days
Act as IPSec VPN server
DHCP Server range : 192.168.1.1 to 192.168.1.100
Home B:
Router : hEX RB750Gr3
firmware : v6.49.10
Internet : CGNAT - public IP not available
DHCP Server range : 10.10.10.50 to 10.10.10.100
Act as IPSec VPN client. Only three computers 10.10.10.51, 52 & 53 - full tunnel go through VPN server - 100% of time - whenever they are on.
Everything works fine. No issue at all.
Now Questions:
Is it safe to keep ROS on v6.49.XX?
I'm getting this : input: in:ether1 out:(unknown 0), src-mac 00:17:10:10:c1:7c, proto TCP (SYN), 3.17.141.240:53606->XX.XXX.XX.XXX:3414, len 52 and I'm worried.
See snapshot
I want to take advantage of wireguard VPN & it's possible in v7 only. Should I update both routers to ROS v7.XXX?
If I upgrade both to v7 - will my existing configuration including VPN will carry forward? Full tunnel VPN from B to A is my prime requirement.
Secondary questions after v7 upgrade:
At Home A (public IP available):
if I set-up wiregurad server OR back to home VPN, will it create full tunnel so that whenever family member travelling abroad can use WG vpn when less secure WIFI like motel, restaurant, etc?
At Home B (behind CGNAT - public IP NOT available): is wireguard server or back to home VPN possible? I really want my laptop to connect to home B and use home B internet access.
Thanks in advance.
Background:
I have two Mikrotik Routers and connected with IPsec VPN with IKEY2 certificate. Both are 12000 kms away.
Home A :
Router : RB4011iGS+
firmware : v6.49.10
Internet : Dynamic public IP - but stays same for months unless I turn off modem for 3 - 4 days
Act as IPSec VPN server
DHCP Server range : 192.168.1.1 to 192.168.1.100
Home B:
Router : hEX RB750Gr3
firmware : v6.49.10
Internet : CGNAT - public IP not available
DHCP Server range : 10.10.10.50 to 10.10.10.100
Act as IPSec VPN client. Only three computers 10.10.10.51, 52 & 53 - full tunnel go through VPN server - 100% of time - whenever they are on.
Everything works fine. No issue at all.
Now Questions:
Is it safe to keep ROS on v6.49.XX?
I'm getting this : input: in:ether1 out:(unknown 0), src-mac 00:17:10:10:c1:7c, proto TCP (SYN), 3.17.141.240:53606->XX.XXX.XX.XXX:3414, len 52 and I'm worried.
See snapshot
I want to take advantage of wireguard VPN & it's possible in v7 only. Should I update both routers to ROS v7.XXX?
If I upgrade both to v7 - will my existing configuration including VPN will carry forward? Full tunnel VPN from B to A is my prime requirement.
Secondary questions after v7 upgrade:
At Home A (public IP available):
if I set-up wiregurad server OR back to home VPN, will it create full tunnel so that whenever family member travelling abroad can use WG vpn when less secure WIFI like motel, restaurant, etc?
At Home B (behind CGNAT - public IP NOT available): is wireguard server or back to home VPN possible? I really want my laptop to connect to home B and use home B internet access.
Thanks in advance.
Statistics: Posted by QuantumAalfa — Sat Feb 17, 2024 2:09 am