Like I have said before, one of the best things that can happen to you as a network engineer/administrator, is to know about Mikrotik and its potentials. Unlike Cisco, a small inexpensive Mikrotik router has the ability to do advance routing, firewall/layer 7 filtering, VPN, and lots more. With Mikrotik, you do not specifically need what Cisco calls security router, because everything is integrated into the router.
One of the key selling points of Mikrotik is what I highlighted above. A lot of people are now using Mikrotik for remote access VPN, making sure that remote users are able to connect to enterprise network when on the road, at no extra cost other than the cost of data subscription.
The challenge most people encounter when configuring a Mikrotik router as a PPTP VPN server is that upon a successful authentication, a VPN user is not able to communicate with devices on the LAN even though the user’s device has a valid IP address assigned by the VPN server and can ping the gateway address assigned to the LAN.
Despite how simple the solution to this problem is, network administrators/engineers often find themselves having this issue.
To resolve, simply go to the interface leading to the LAN you configured the VPN for, double-click on it, click on the arrow beside ARP and choose Proxy-ARP. That’s all. See image below:
Most users have also complained that they are unable to connect more than a device to the VPN network from a remote location. This is because when using L2TP, you can only connect a single device from a network to your VPN network. What this means, is that two devices with the same source IPs cannot connect to an L2TP VPN server at the same time.
- How to configure site to site Ipsec VPN to connect your branch office to the Headquarter using Mikrotik routers
- How to resolve issues faced when setting up Mikrotik usermanager