The good thing about Mikrotik l2tp vpn is that unlike pptp, it can be configured with ipsec to provide secured and seemless connection to your internal network.
Smart guys are the once that work on the go! The word is fast moving forward and individuals hardly have the time required for pleasantries. To catch up with this fast evolving world, organizations have incorporated solutions that leverage on existing technologies to provide access to network resources based on logical groupings and not physical locations. To accomplish this, technologies like VPN, MPLS and cloud computing have emerged and over the years, have been helping organizations achieve their set goals. The Mikrotik l2tp vpn with ipsec is one of the ways to achieve this.
With Mikrotik l2tp vpn, business owners can keep an eye on their businesses while vacationing abroad and expatriates can quickly resolve tough network issues while dancing to the music of Drake in a five star hotel somewhere in Brazil without leaving rooms for cyber criminals to break into their networks. But somewhere on this planet, some organizations are still stock with the old ways of doing things. Their excuse; cost! They say the cost of deploying VPN technologies is expensive. Well, that was true until Mikrotik came on board. So, today I am going to show you how you can configure Mikrotik l2tp vpn on a Mikrotik router bought for less that $100 to provide remote access connections for many users. No license required whatsoever! I am so excited, lets jump in!
Configuring Mikrotik l2tp vpn on a Mikrotik router
To set up your Mikrotik router for L2tp VPN using Ipsec for encryption, do the following:
On your Mikrotik router, configure at lest one interface with a public IP and make sure the router has access to the internet. After that, do the following for L2tp VPN set up:
>>Click on PPP>>L2tp server. See image below:
Make sure to check the boxes as shown in the image above. Especially the box that says “use Ipsec”. Enter a secret key for Ipsec. This key must be the same as the one you will enter while setting up Ipsec.
Next, we go to IP>>Pool. Here we create the pool of addresses from where the VPN server will assign IP addresses to VPN users. Make sure you have excluded these addresses from your DHCP pool. See below:
Next, go back to PPP>>profile, double click on default encryption and set as shown in the image below:
The local IP address entered must be the one configured on the LAN interface of your router, for the remote address, select the VPN pool you configured earlier. Enter a local DNS address if you have one, otherwise, use a public DNS address as shown here.
Next, click on the secrete tab and create an account with password and leave the service at any. See below: