Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- L2TP VPN Mikrotik
- 1. Interfaces > ether1-gateway > ARP=enable
- 2. Interfaces > ether2-master-local > ARP=reply only
- 3. IP > Addresses > Add New > Address=192.168.99.99/24, Interface=ether1-gateway
- 4. IP > Routes > Add New > Gateway=192.168.99.1, Apply=reachable=ether1-gateway
- 5. IP > DHCP Server > Add ARP for Leases=On
- 6. IP > Pool > Add New > Name=VPN-Pool, Addresses=10.10.10.10-10.10.10.254
- 7. IP > Firewall > NAT > Add New > Src. Address=10.10.10.0/24, Action=masquerade
- 8. IP > Firewall > Filter Rules > Add New > Chain=input, Protocol=udp, Dst. Port=1701,500,4500, Action=accept
- 9. IP > Firewall > Filter Rules > Add New > Chain=input, Protocol=ipsec-ah, Port=51, Action=accept
- 10. IP > Firewall > Filter Rules > Add New > Chain=input, Protocol=ipsec-esp, Port=50, Action=accept
- 11. PPP > Profiles > Add New > Name=VPN-PPP, Local Address=10.10.10.1, Remote Address=VPN-Pool, DNS Server=8.8.8.8, 8.8.4.4, Use Encryption=required
- 12. PPP > Interface > L2TP Server, Enabled, Default Profile=VPN-PPP, pap&chap disabled, mschap1&mschap2 enabled
- 13. PPP > Secrets > Add New > Name=VPN-Secret, Password, Service=L2TP, Profile=VPN-PPP
- 14. IP > IPSec > Peers > Add New > Secret=psk, Exchange Mode=mainl2tp, NAT Traversal=enabled, Hash Algorithm=sha1, Encryption Algorithm=3des, aes128, aes256 enabled, rest disabled, DH Group=modp2048, Port Override=enabled
- 15. IP > IPSec > Proposals > default > Encryption Algorithms=aes128cbc&aes256cbc, PFS Group=none, Remove Lifetime
Add Comment
Please, Sign In to add comment