Hi Dave, That was my thought too, however I've placed a rule at the top #1 that allows ICMP from any IP on any zone to reach any other IP on any other zone, same result. ________________________________ From: Public <public-bounces@talk.mikrotik.com.au> on behalf of Dave Browning <dave@dlbnetworks.com> Sent: Thursday, February 3, 2022 6:39 PM To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Network Routing Issues Given you can get one way, it’ll be a firewall issue. I reckon your are being “Sophos’d” and it’s simply blocking inbound ICMP.
On 3 Feb 2022, at 5:32 pm, Christopher Hawker <chris@thesysadmin.dev> wrote:
Hello all,
I'm trying to work on a setup using 2 x CHRs at separate locations, with an EoIP tunnel between them. The tunnel itself works, and I am able to route across it.
At the A-side is a workstation (192.168.0.1) with a Sophos router as the default gateway (192.168.0.254) and the A-side CHR is the tunnel gateway (192.168.0.253). At the Z-side, there is the single CHR (172.16.100.254) which is acting as the default gateway and a Windows server (172.16.100.1) behind it. I have BGP configured between the two sites over the tunnel and this works as expected. Sessions are up and routes have propagated.
192.168.0.1 is able to ping and can traceroute to 172.16.100.1 and results are returned however, 172.16.100.1 cannot ping/traceroute to 192.168.0.1 which has me puzzled. I did some more digging, and the traceroute to 192.168.0.1 shows that the last hop before timeout is 192.168.0.253.
I apologise for my poor explanation; however I hope it makes sense to someone. Would anyone be able to shed some light on why it may be doing this, or what I am missing?
Thanks, CH _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au