User Tools
networking:router:mikrotik_vpn_l2tp
This is an old revision of the document!
Table of Contents
Mikrotik L2TP VPN
Needs verification and completion
http://wiki.mikrotik.com/wiki/Manual:Interface/L2TP#Server_configuration
http://wiki.mikrotik.com/wiki/Manual:Interface/L2TP
https://www.youtube.com/watch?v=tpgEqzwj_OQ
- All traffic routes through tunnel
Enable L2TP Server
PPP → Interface → L2TP Server → Enable
- MTU 1450
- Authentication uncheck chap and pap leave MSCHAPv2 and MSCHAv1
- Check Use IPsec enter IPsec Secret needed to configure client
Create IP Pool for Multiple Users
IP → Pool → Add
- Name L2TPpool
- Range of addresses e.g. (192.168.1.10-192.168.1.20) outside of LAN DHCP range
PPP → Profiles → Default-Encryption
- Local Address (same for all)
- Remote Address (pool you created)
PPP → Interface → L2TP Server
- Specify Default Profile (Default-Encryption)
Create Users
PPP → Secrets → Add+
- Name
- Username
- Password
- Service
l2tp
- Local Address (leave blank if using IP pool)
- Same for all users
- Router's LAN address
- Remote Address (leave blank if using IP pool)
- Different for each user
- Outside of DHCP range
- Profile
default-encryption
Proxy-ARP
Enable Proxy-ARP on the LAN interface for proper (layer 2 address) ARP resolution.
If you use a LAN bridge, modify that.
Interfaces → etherN → General → ARP → Proxy-ARP
networking/router/mikrotik_vpn_l2tp.1463166184.txt.gz · Last modified: 2016/05/13 13:03 by jcooper
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
