Syed Jahanzaib Personal Blog to Share Knowledge !

November 18, 2014

VPN/PPTP Static Routes Loose gateway when client reconnects

Filed under: Mikrotik Related — Tags: , , — Syed Jahanzaib / Pinochio~:) @ 1:14 PM


Recently i configured a site to site vpn connectivity (Head office to Branch office) at some place. Everything was working fine , both end clients could access each other with direct access as proper routes were setup, But strange issue was happening that if the branch office mikrotik goes offline or Re connects the pptp dialer,    static route at head office mikrotik becomes un-reachable

(manual route was added at H.O mikrotik to access branch offices via dynamic pptp interface).

As showed in the image below … (head office router) routeunreachable

It was happening because the route is looking at a dynamic interface. When the dynamic interface goes away (branch office mikrotik pptp disconnect-reconnect) the Route does not know which interface to point to. . To sort this issue, I added ROUTE in ppp/secret section @ Head Office mikrotik.

As showed in the image below ….

pptp_secret .

The above subnet is branch office clients subnet. now whenever the branch will re connect the pptp, a dynamic route will add each time on H.O mikrotik, so it will know that from which route it should access B.O clients.

As showed in the image below.



You can do it manually too by assigning static ip, and in route use that ip in gateway, But I prefer to use dynamic route , because the route will be created dynamically each time when user connected to the router and disappear when user disconnect. And so the route will work transparently even if changes are made in other sections.


Syed Jahanzaib


  1. hello,
    I carried out your instructions by adding the route, but unfortunately it does not work, what can I check to see where am I wrong?

    Comment by Frank Gabriele — November 19, 2014 @ 8:47 PM

    • withotu knowing detail information, subnets, rules, firewalls, scenario, VPN troubleshooting is not easy. you ahve to describe in detail.
      email me to aacable at hotmail dot com

      Comment by Syed Jahanzaib / Pinochio~:) — November 21, 2014 @ 12:46 PM

  2. Dear Sir. your site and your guides is very helpful. i would like to ask a question regarding my setup.
    i do have a dsl router in bridge mode->a mikrotik 750 with pppoe of the vdsl–> all ports have the LAN

    i would like to add a second LAN ( that it will not talk to the other subnet and have access to the internet. also i would like to rate limit the traffic to each subnet:
    -download 4Mbps upload 1Mbps for LAN
    -download 30Mbps upload 5Mbps for LAN

    could you help me please?

    Comment by atux atux — June 9, 2015 @ 2:12 PM

    • you can simply create rule in FILTER rule which should have source ip addresses of lan1 and dst address of lan2 ip and same for lan2 to lan1.

      Comment by Syed Jahanzaib / Pinochio~:) — June 9, 2015 @ 2:31 PM

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at

%d bloggers like this: