Differences

This shows you the differences between two versions of the page.

--- networking:router:mikrotik_vpn_pptp [2017/07/05 09:17]
gcooper
+++ networking:router:mikrotik_vpn_pptp [2018/06/25 10:45] (current)
gcooper
@@ Line 1: / Line 1: @@
 ====== Mikrotik PPTP VPN ======
-FIXME Needs verification and completion
+See also **[[networking:router:mikrotik_vpn|Mikrotik VPN Notes]]**
 http://wiki.mikrotik.com/wiki/Manual:Interface/PPTP#Server_configuration
@@ Line 10: / Line 10: @@
 ===== Enable PPTP Server =====
+FIXME Needs updating for newer RouterOS, but still works.
 {{ :networking:router:mikrotik_vpn_pptp_1.png?255|Enable PPTP Server}}
@@ Line 20: / Line 22: @@
     * Encrypted
-===== Create IP Pool for Multiple Users =====
+===== Create a Single User =====
+**PPP -> Secrets**
+  * **Name**
+    * Username
+  * **Password**
+  * **Service**
+    * ''pptp''
+  * **Local Address**
+    * Same for all users
+    * Router's LAN address
+  * **Remote Address**
+    * Different for each user
+    * Outside of DHCP range
+  * **Profile**
+    * ''default-encryption''
+===== For Multiple Users =====
 {{ :networking:router:mikrotik_vpn_pptp_2.png?255|PPTP IP Address Pool}}
@@ Line 30: / Line 50: @@
 **PPP -> Profiles -> Default-Encryption**
-{{ :networking:router:mikrotik_vpn_pptp_3.png?300|Default-Encryption Profile}}
   * Local Address (LAN address of router)
     * Same for all users
-  * Remote Address (PPTPpool)
+  * Remote Address (PPTPpool) {{ :networking:router:mikrotik_vpn_pptp_3.png?255|Default-Encryption Profile}}
     * Pool you created
@@ Line 41: / Line 59: @@
   * Specify profile (Default-Encryption)
-===== Create Single Users =====
-**PPP -> Secrets**
-  * **Name**
-    * Username
-  * **Password**
-  * **Service**
-    * ''pptp''
-  * **Local Address**
-    * Same for all users
-    * Router's LAN address
-  * **Remote Address**
-    * Different for each user
-    * Outside of DHCP range
-  * **Profile**
-    * ''default-encryption''
 ===== Proxy-ARP =====
-:!: Enable Proxy-ARP on the LAN interface for proper (layer 2 address) ARP resolution.
+:!: Enable Proxy-ARP on the **LAN interface** for proper layer-2 address ARP resolution.
 **Interfaces -> etherN -> General -> ARP -> Proxy-ARP**
-:!: If you use a LAN bridge, modify that.
+:!: If you use a **LAN bridge**, modify that.
-**Bridge -> Dbl click LAN Bridge -> General -> ARP -> Proxy-ARP**
+**Bridge -> YourLanBridge -> General -> ARP -> Proxy-ARP**
 ===== Firewall =====
-**PPTP** uses:
+{{ :networking:router:mikrotik_vpn_pptp_4.png?750 |PPTP VPN Firewall Rules}}
+**PPTP** utilizes:
   * TCP port 1723
@@ Line 79: / Line 80: @@
 Accept PPTP in Mikrotik:
-:!: Needs testing for added comment= and place-before= options
 <file>
-/ip firewall filter add chain=input action=accept protocol=tcp dst-port=1723 comment="PPTP VPN port 1723" place-before=0
+/ip firewall filter add chain=input action=accept protocol=tcp dst-port=1723 comment="PPTP VPN - 1723" place-before=0
-/ip firewall filter add port chain=input action=accept protocol=gre comment="PPTP VPN gre" place-before=0
+/ip firewall filter add chain=input action=accept protocol=gre comment="PPTP VPN - GRE" place-before=0
 </file>
+===== Client Connection =====
+See also **[[networking:windows:windows_vpn|Windows VPN Notes]]**
+{{ :networking:router:mikrotik_vpn_pptp_5.png?300 |Windows 8.1 PPTP Connection}}

Virtual Architects Support Wiki

User Tools

Site Tools

Differences

Page Tools