Mikro Part 2

This document provides step-by-step instructions for configuring L2TP/IPsec VPN on a MikroTik router and client devices. It includes setting up firewall rules, creating user authentication secrets, and configuring client connections on Windows and macOS. Additionally, it offers troubleshooting tips for connection issues.

Uploaded by

wujekjanusz4

Step 4: Add L2TP Secret (User Authentication)

1. Go to PPP and click on the Secrets tab.
2. Click the "+" button to add a new user.
3. Configure the L2TP Secret:
• Name: This is the username for the client (e.g., vpnuser).
• Password: This is the password for the client (e.g., vpnpassword).
• Service: Select L2TP.
• Profile: Select the profile created earlier (e.g., L2TP-Profile).
• Local Address: Set the L2TP server's local address (e.g., 192.168.100.1).
• Remote Address: Set the IP address pool or range for the L2TP clients (e.g.,
192.168.100.2-192.168.100.100).
4. Click Apply and OK.

Step 5: Configure Firewall Rules

1. Go to IP > Firewall in Winbox/WebFig.
2. Add a Firewall rule to allow L2TP/IPsec traffic:
• Click "+" to add a new rule.
• Chain: input.
• Protocol: udp.
• Dst. Port: 500, 4500.
• Action: accept.
• Click Apply and OK.
3. Add another rule to allow L2TP protocol traffic:
• Click "+" again.
• Chain: input.
• Protocol: ipsec-esp (ESP is for the L2TP tunnel encryption).
• Action: accept.
• Click Apply and OK.

Step 6: Assign IP Addresses (Optional)

1. If you're using static IP assignment for L2TP clients, make sure that the address pool (like
192.168.100.2-192.168.100.100) is not overlapping with other networks in your
router. This range will be dynamically assigned to connected clients.

Step 7: Set Up Client Configuration

Now, configure the client (Windows, macOS, or any L2TP-compatible device) to connect to your
MikroTik L2TP server.

On Windows:
1. Go to Control Panel > Network and Sharing Center > Set up a new connection or
network.
2. Select Connect to a workplace and click Next.
3. Choose Use my Internet connection (VPN).
4. In the Internet Address field, enter the public IP address of the MikroTik router (or hostname).
5. In the Destination Name, enter a name for the connection (e.g., MikroTik VPN).
6. Click Create.
7. Go to Properties of the new VPN connection and configure:
• Type of VPN: Select L2TP/IPsec.
• Authentication: Set to Preshared Key and enter the shared secret you set in
MikroTik's IPsec Peer settings.
• Username: Enter the username you created in MikroTik (e.g., vpnuser).
• Password: Enter the password associated with the username (e.g., vpnpassword).
8. Click OK to save.
9. Connect to the VPN by selecting the connection and clicking Connect.
On macOS:
1. Go to System Preferences > Network.
2. Click the "+" button to add a new connection.
3. Set Interface to VPN, and VPN Type to L2TP over IPSec.
4. Enter the Server Address (public IP of MikroTik).
5. Enter your Account Name (VPN username).
6. Click Authentication Settings and enter the Password and Shared Secret you configured
on MikroTik.
7. Click Apply.
8. To connect, select the VPN connection and click Connect.
Step 8: Test the Connection
1. From the client, try to ping the MikroTik router’s L2TP IP (e.g., 192.168.100.1).

2. Check if the connection is established and if the client can access other resources behind the
router.

Troubleshooting:
• If you cannot connect, double-check your firewall rules.
• Make sure the IPsec configuration (shared secret, encryption algorithms) on the client
matches the MikroTik settings.
• Verify that the PPP secret username and password are correct.
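
The overlap check from Step 6, written as an added example (not part of the original document): it takes the pool range and local address used in the guide's examples and compares them with a list of router networks. The network names and prefixes in ROUTER_NETWORKS are constructed sample values, not taken from the guide.

```python
import ipaddress


def parse_pool(pool: str):
    """Parse 'first-last' (or a single address) into a pair of IPv4Address."""
    first, _, last = pool.partition("-")
    lo = ipaddress.IPv4Address(first.strip())
    hi = ipaddress.IPv4Address(last.strip()) if last else lo
    if hi < lo:
        raise ValueError(f"pool end {hi} is below pool start {lo}")
    return lo, hi


def pool_conflicts(pool: str, local_address: str, networks: dict):
    """Return a list of human-readable conflicts for an L2TP client pool."""
    lo, hi = parse_pool(pool)
    problems = []

    # The server's own tunnel address must never be handed out to a client.
    local = ipaddress.IPv4Address(local_address)
    if lo <= local <= hi:
        problems.append(f"local address {local} lies inside the client pool")

    # A range need not align to a prefix, so split it into exact CIDR blocks
    # and test each block against every network configured on the router.
    blocks = list(ipaddress.summarize_address_range(lo, hi))
    for name, cidr in networks.items():
        net = ipaddress.ip_network(cidr, strict=False)
        if any(block.overlaps(net) for block in blocks):
            problems.append(f"pool overlaps {name} ({net})")
    return problems


# Constructed sample data: networks assumed to exist on the router.
ROUTER_NETWORKS = {"lan": "192.168.88.0/24", "guest": "192.168.100.64/26"}

if __name__ == "__main__":
    # Pool and local address are the example values used in the guide.
    found = pool_conflicts("192.168.100.2-192.168.100.100",
                           "192.168.100.1", ROUTER_NETWORKS)
    for problem in found:
        print("CONFLICT:", problem)
    if not found:
        print("pool is clear of the listed networks")
```
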
