Fmovi

How to configure VPN Remote Access on Mikrotik

A remote-access VPN allows individual users to establish secure connections with a remote computer network. VPN is virtual private dial-up network (VPDN), acknowledging that in its earliest form, a remote-access VPN required dialing in to a server using an analog telephone system.

The other required component of remote-access VPNs is client software. In other words, employees who want to use the VPN from their computers require software on those computers that can establish and maintain a connection to the VPN. They allow users to establish secure online connections independently with a remote computer network based anywhere in the world. A remote-access VPN is great for individual employees, but what about entire branch offices with dozens or even hundreds of employees.

we'll look at another type of VPN used to keep businesses connected LAN-to-LAN. However, when choosing for secure remote access VPNs, there are many security and data theft threats that must be eliminated before remote access can be allowed securely. In here we have some guild line for configuration VPN Remote Access on Mikrotik.

A. VPN Remote Access
1. PPTP Server
- PPP  Interface  PPTP Server  Enable  Apply OK
- IP  Pool  + Add 
- Name: DHCP_PPTP
- Addresses: 192.168.3.5-192.168.3.10
 Apply  OK

2- PPP  Profile  + Add 

- Name: PPTP-Profile

- Local Address: 192.168.0.1 (IP LAN Router)

- Remote Address: DHCP_PPTP  Apply  OK

- PPP  Secrets  + Add

- Name: vpn - Password: 123456

- Service: pptp

- Profile: L2TP_Profile  Apply  OK

B. L2TP with IPsec
- PPP  Interface  L2TP Server  Enable  Apply  OK - IP  Pool  + Add
- Name: DHCP_L2TP&IPsec
- Addresses: 192.168.2.5-192.168.2.10  Apply  OK

- PPP  Profile  + Add 
- Name: L2TP_Profile
- Local Address: 192.168.0.1 (IP Lan Router)
- Remote Address: DHCP_L2TP&IPsec
 Apply  OK
- PPP  Secret  + Add
- Name: vpn
- Password: 123456
- Service: l2tp
- Profile: L2TP_Profile
 Apply  OK

- IP  IPsec  Policies  + Add General
- Src. Address: 0.0.0.0/0
- Dst. Address: 0.0.0.0/0  Apply  OK - Peers

- Peers  + Add
- Address: 0.0.0.0/0
- Port: 500
- Secret: 123456
- Hash Algorithm: sha1
- Encryption Algorithm: 3des aes-128
- DH Group:  modp1024
 Apply  OK
- Proposal  + Add
- Name: Proposal
- Auth. Algorithm:  Sha1
- Encr. Algorithms:  3des  aes-128 cbc

C. VPN client L2TP-IPsec on Mikrotik

1.- PPP  Interface  + L2TP Client  Dial out 

- Connect To: 115.178.25.134 (IP address VPN Server)

- User: than

- Password: than@123

-  Use IPsec

- IPsec Secret: digi@123

- Apply  OK

2. VPN Site to Site

- Site A
- System  Logging  Rules  + Add  Topics: ipsec Apply  OK
- IP  IPsec  Policies + Add

 General
- Src. Address: 192.168.0.0/24
- Dst. Address: 192.168.222.0/24  Action
-  Tunnel - SA.Src.Address: 115.178.25.134
- SA.Dst.Address: 115.92.240.142  Apply  OK