Smart guys are the once that work on the go! The word is fast moving forward and individuals hardly have the time required for pleasantries. To catch up with this fast evolving world, organizations have incorporated solutions that leverage on technologies that provide access to network resources based on logical groupings and not physical locations. To accomplish this, technologies like VPN, MPLS and cloud computing have emerged and over the years, have been helping organizations achieve their set goals.
Business owners can keep an eye on their businesses while vacationing abroad and expatriates can quickly resolve tough network issues while dancing to the music of Drake in a five star hotel somewhere in Brazil without leaving rooms for cyber criminals to break into their networks. But somewhere on this planet, some organizations are still stock with the old ways of doing things. Their excuse; cost! They say the cost of deploying VPN technology is expensive. Well, that was true until Mikrotik came on board. So, today I am going to show you how you can configure a Mikrotik router bought for less that $100 to provide remote access VPN for so many users. No license required whatsoever! I am so excited, lets jump in!
To set up your Mikrotik router for L2tp VPN using Ipsec for encryption, do the following:
On your Mikrotik router configure at lest one interface with a public IP and make sure the router has access to the internet. After that, do the following for L2tp VPN set up:
>>Click on PPP>>L2tp server. See image below:
Make sure to check the boxes as shown in the image above. Especially the box that says “use Ipsec”. Enter a secret key for Ipsec. This key must be the same as the one you will enter while setting up Ipsec.
Next, we go to IP>>Pool. Here we create the pool of addresses from where the VPN server will assign IP addresses to VPN users. Make sure you have excluded these addresses from your DHCP pool. See below:
Next, go back to PPP>>profile, double click on default encryption and set as shown in the image below:
The local IP address entered must be the one configured on the LAN interface of your router, for the remote address, select the VPN pool you configured earlier. Enter a local DNS address if you have one, otherwise, use a public DNS address as shown here.
Next, click on the secrete tab and create an account with password and leave the service at any. See below: