-

How to configure VPN L2TP-IPsec PPTP VPN site2site on Mikrotik

2

How to configure VPN Remote Access on Mikrotik
remote-access VPN allows individual users to establish secure connections with a remote computer network. VPN is virtual private dial-up network (VPDN), acknowledging that in its earliest form, a remote-access VPN required dialing in to a server using an analog telephone system.


images 


The other required component of remote-access VPNs is client software. In other words, employees who want to use the VPN from their computers require software on those computers that can establish and maintain a connection to the VPN. They allow users to establish secure online connections independently with a remote computer network based anywhere in the world. A remote-access VPN is great for individual employees, but what about entire branch offices with dozens or even hundreds of employees. 

download_1
we'll look at another type of VPN used to keep businesses connected LAN-to-LAN. However, when choosing for secure remote access VPNs, there are many security and data theft threats that must be eliminated before remote access can be allowed securely. In here we have some guild line for configuration VPN Remote Access on Mikrotik. 


A. VPN Remote Access
1. PPTP Server
- PPP  Interface  PPTP Server  Enable  Apply OK
- IP  Pool  + Add 
- Name: DHCP_PPTP
- Addresses: 192.168.3.5-192.168.3.10
 Apply  OK
22

2- PPP  Profile  + Add 
 - Name: PPTP-Profile 
- Local Address: 192.168.0.1 (IP LAN Router)
- Remote Address: DHCP_PPTP  Apply  OK
 - PPP  Secrets  + Add 
- Name: vpn - Password: 123456
- Service: pptp 
- Profile: L2TP_Profile  Apply  OK 

23

B. L2TP with IPsec
- PPP  Interface  L2TP Server  Enable  Apply  OK - IP  Pool  + Add
- Name: DHCP_L2TP&IPsec
- Addresses: 192.168.2.5-192.168.2.10  Apply  OK

24

- PPP  Profile  + Add 
- Name: L2TP_Profile
- Local Address: 192.168.0.1 (IP Lan Router)
- Remote Address: DHCP_L2TP&IPsec
 Apply  OK
- PPP  Secret  + Add
- Name: vpn
- Password: 123456
- Service: l2tp
- Profile: L2TP_Profile
 Apply  OK

26

- IP  IPsec  Policies  + Add General
 - Src. Address: 0.0.0.0/0
 - Dst. Address: 0.0.0.0/0  Apply  OK - Peers

27

- Peers  + Add
- Address: 0.0.0.0/0
- Port: 500
- Secret: 123456
- Hash Algorithm: sha1
- Encryption Algorithm: 3des aes-128
- DH Group:  modp1024
 Apply  OK
- Proposal  + Add
- Name: Proposal
- Auth. Algorithm:  Sha1
- Encr. Algorithms:  3des  aes-128 cbc

28

C. VPN client L2TP-IPsec on Mikrotik

1.- PPP  Interface  + L2TP Client  Dial out 
- Connect To: 115.178.25.134 (IP address VPN Server)
- User: than
- Password: than@123
-  Use IPsec
- IPsec Secret: digi@123
- Apply  OK

29

2. VPN Site to Site
30

- Site A
- System  Logging  Rules  + Add  Topics: ipsec Apply  OK
- IP  IPsec  Policies + Add

31

 General
- Src. Address: 192.168.0.0/24
- Dst. Address: 192.168.222.0/24  Action
-  Tunnel - SA.Src.Address: 115.178.25.134
- SA.Dst.Address: 115.92.240.142  Apply  OK

33

Peer
- Address: 115.92.240.142
- Port: 500
- Secret: 123456
- Hash Algorithm: sha1
- Encryption. Algorithm:  3des  aes-128
35

 Check VPN Site to Site 
36

 Test VPN Site to Site

37
Distributed by Gooyaabi Templates | Designed by OddThemes