This shows you the differences between two versions of the page.
networking:router:mikrotik_vpn_l2tp [2016/05/13 12:35] jcooper created |
networking:router:mikrotik_vpn_l2tp [2019/08/14 14:13] (current) gcooper |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Mikrotik | + | ====== Mikrotik |
- | FIXME Needs verification and completion | + | **RouterOS v6.44 or above**: https:// |
- | http://wiki.mikrotik.com/wiki/ | + | Stats: |
- | http:// | + | New info? http:// |
- | * All traffic routes through tunnel | + | FIXME Needs verification and completion |
- | ===== Enable PPTP Server ===== | + | http:// |
- | **PPP -> Interface | + | http:// |
- | * MTU 1460 | + | https:// |
- | * MSCHAPv2 (encryption) | + | |
- | ===== Create Single Users ===== | + | * All traffic routes through tunnel |
- | **PPP -> Secrets** | + | ===== Enable L2TP Server ===== |
- | | + | **PPP -> Interface -> L2TP Server -> Enable** |
- | * Username | + | |
- | * **Password** | + | |
- | * **Service** | + | * L2TP has 40-byte overhead |
- | * '' | + | * 1450 - Lowering the MTU can speed up VPN - test path MTU first |
- | * **Local Address** | + | |
- | * Same for all users | + | * Default Profile |
- | * Router's LAN address | + | * Select |
- | * **Remote Address** | + | * Authentication |
- | * Different for each user | + | * De-select '' |
- | * Outside of DHCP range | + | * Select '' |
- | * **Profile** | + | * Select '' |
- | * '' | + | * Enter IPsec Secret needed to configure client |
+ | * Click '' | ||
===== Create IP Pool for Multiple Users ===== | ===== Create IP Pool for Multiple Users ===== | ||
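Review bot: The new "Enter IPsec Secret needed to configure client" bullet under Enable L2TP Server gives no guidance on the secret itself. It is one value given to every client, so the page should say to make it long and random and to keep it different from the per-user passwords set under PPP -> Secrets. The MTU bullets also need reconciling: a 40-byte overhead taken from a 1500-byte link gives 1460, the value the removed PPTP section used, while the new text recommends 1450 without saying how it was derived. The FIXME line is carried over, so it would help to list which steps are still unverified.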
Line 38: | Line 38: | ||
**IP -> Pool -> Add** | **IP -> Pool -> Add** | ||
- | * Range of addresses (192.168.1.10-192.168.1.20) | + | |
+ | | ||
**PPP -> Profiles -> Default-Encryption** | **PPP -> Profiles -> Default-Encryption** | ||
Line 45: | Line 46: | ||
* Remote Address (pool you created) | * Remote Address (pool you created) | ||
- | **PPP -> PPTP Server | + | **PPP -> Interface |
- | * Specify | + | * Specify Default |
+ | |||
+ | ===== Create Users ===== | ||
+ | |||
+ | **PPP -> Secrets -> Add+** | ||
+ | |||
+ | * **Name** | ||
+ | * Username | ||
+ | * **Password** | ||
+ | * **Service** | ||
+ | * '' | ||
+ | * **Local Address** (leave blank if using IP pool) | ||
+ | * Same for all users | ||
+ | * Router' | ||
+ | * **Remote Address** (leave blank if using IP pool) | ||
+ | * Different for each user | ||
+ | * Outside of DHCP range | ||
+ | * **Profile** | ||
+ | * '' | ||
===== Proxy-ARP ===== | ===== Proxy-ARP ===== | ||
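Review bot: In the new Create Users section, Local Address and Remote Address are marked "(leave blank if using IP pool)", but the sub-bullets beneath them ("Same for all users", "Different for each user", "Outside of DHCP range") still read as required settings. Say that these apply only when addresses are assigned statically, and state whether the pool itself must also sit outside the DHCP range. The heading "PPP -> Secrets -> Add+" looks like it has a stray "+".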
Line 57: | Line 76: | ||
**Interfaces -> etherN -> General -> ARP -> Proxy-ARP** | **Interfaces -> etherN -> General -> ARP -> Proxy-ARP** | ||
- | ===== Firewall ===== | ||
- | **PPTP** uses: | ||
- | * TCP port 1723 | ||
- | * GRE (protocol ID 47) for tunneling | ||
- | Accept PPTP in Mikrotik: | ||
- | < | + | |
- | /ip firewall filter add chain=input action=accept protocol=tcp dst-port=1723 | + | |
- | /ip firewall filter add chain=input action=accept protocol=gre | + | |
- | </ | + |