MikroTik L2TP/IPsec VPN Configuration.

01. L2TP Server Binding.
PPP> Interface> L2TP Server Binding.
Name: L2TP-VPN
Click Apply and OK button.

02. Enable L2TP Server.
PPP> Interface> L2TP Server>
Enable: Yes
Authentication: Yes (pap, chap, mschap1, mschap2)
Use IPSec: Yes
IPsec Secret: 12345
Caller ID Type: IP address
Click Apply and OK button.

03. Create IP Pool.
IP> Pool> (+)
Name: L2TP-Pool
Address: 30.30.30.10-30.30.30.40
Next Pool: None
Click Apply and OK button.

04. Create PPP Profile.
PPP> Profile> (+)
Name: L2TP-VPN
Local Address: 30.30.30.1
Remote Address: L2TP-Pool
Click Apply and OK button.

05. Create PPP account for each user.
PPP> Secret> (+)
Name: abc
Password: 123
Service: L2TP
Profile: L2TP-VPN
Click Apply and OK button.
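
An added example, not part of the original post: a small Python check that reads the server-side settings from steps 02 and 05 in RouterOS export form and flags the values worth reviewing before the router faces the Internet. The export layout, the finding names and the length thresholds are assumptions, and the sample text is constructed from the values shown above.

```python
import shlex

# Constructed sample: the server settings from the steps above, written in the
# style of a RouterOS export (assumed layout: one unwrapped command per line).
SAMPLE_EXPORT = """\
/interface l2tp-server server
set enabled=yes authentication=pap,chap,mschap1,mschap2 use-ipsec=yes ipsec-secret=12345
/ppp secret
add name=abc password=123 service=l2tp profile=L2TP-VPN
"""

LEGACY_AUTH = {"pap", "chap", "mschap1"}  # assumed policy: allow mschap2 only
MIN_SECRET_LEN = 20    # assumed local policy, not a RouterOS limit
MIN_PASSWORD_LEN = 12  # assumed local policy


def parse_export(text):
    """Yield (menu_path, settings_dict) for every set/add line."""
    menu = ""
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("/"):
            menu = line
        elif line.startswith(("set ", "add ")):
            tokens = shlex.split(line)[1:]  # shlex strips quotes around values
            yield menu, dict(t.split("=", 1) for t in tokens if "=" in t)


def audit(text):
    """Return findings for explicitly set values; omitted keys are not judged."""
    findings = []
    for menu, kv in parse_export(text):
        if menu == "/interface l2tp-server server":
            weak = LEGACY_AUTH & set(kv.get("authentication", "").split(","))
            if weak:
                findings.append("legacy-auth:" + ",".join(sorted(weak)))
            if kv.get("use-ipsec") in ("yes", "no"):
                # "yes" still accepts L2TP sessions that arrive without IPsec
                findings.append("ipsec-not-required")
            if "ipsec-secret" in kv and len(kv["ipsec-secret"]) < MIN_SECRET_LEN:
                findings.append("short-ipsec-secret")
        elif menu == "/ppp secret":
            if "password" in kv and len(kv["password"]) < MIN_PASSWORD_LEN:
                findings.append("short-password:" + kv.get("name", "?"))
    return findings


if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_EXPORT)))
```

The Windows client in this guide negotiates only MS-CHAP v2, so the other authentication methods enabled on the server are not needed by it.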

Client Portion

01. Network and Sharing Center
Set up a new connection or network
Connect to a workplace (Set up a dial-up or VPN)
Next
Use my Internet connection (VPN)
Internet address: 103.X.XX.224
Destination name: L2TP-VPN
Create
User: abc
Password: 123
Next
Set up the connection anyway

02. Network and Sharing Center
Change adapter settings
L2TP-VPN
Properties
Security
Type of VPN: Layer 2 Tunneling Protocol with IPsec (L2TP/IPsec)
Advanced settings: Yes (Use preshared key for authentication) Key: 123
OK
Data encryption: Strong
Allow these protocols: Yes
Microsoft CHAP Version 2 (MS-CHAP v2)
OK

03. Connect
User: abc
Password: 123
OK
