SHOW:
|
|
- or go back to the newest paste.
1 | L2TP VPN Mikrotik | |
2 | ||
3 | 1. Interfaces > ether1-gateway > ARP=enable | |
4 | 2. Interfaces > ether2-master-local > ARP=reply only | |
5 | 3. IP > Addresses > Add New > Address=192.168.99.99/24, Interface=ether1-gateway | |
6 | 4. IP > Routes > Add New > Gateway=192.168.99.1, Apply=reachable=ether1-gateway | |
7 | 5. IP > DHCP Server > Add ARP for Leases=On | |
8 | 6. IP > Pool > Add New > Name=VPN-Pool, Addresses=10.10.10.10-10.10.10.254 | |
9 | 7. IP > Firewall > NAT > Add New > Src. Address=10.10.10.0/24, Action=masquerade | |
10 | 8. IP > Firewall > Filter Rules > Add New > Chain=input, Protocol=udp, Dst. Port=1701,500,4500, Action=accept | |
11 | 9. IP > Firewall > Filter Rules > Add New > Chain=input, Protocol=ipsec-ah, Port=51, Action=accept | |
12 | 10. IP > Firewall > Filter Rules > Add New > Chain=input, Protocol=ipsec-esp, Port=50, Action=accept | |
13 | 11. PPP > Profiles > Add New > Name=VPN-PPP, Local Address=10.10.10.1, Remote Address=VPN-Pool, DNS Server=8.8.8.8, 8.8.4.4, Use Encryption=required | |
14 | 12. PPP > Interface > L2TP Server, Enabled, Default Profile=VPN-PPP, pap&chap disabled, mschap1&mschap2 enabled | |
15 | 13. PPP > Secrets > Add New > Name=VPN-Secret, Password, Service=L2TP, Profile=VPN-PPP | |
16 | 14. IP > IPSec > Peers > Add New > Secret=psk, Exchange Mode=mainl2tp, NAT Traversal=enabled, Hash Algorithm=sha1, Encryption Algorithm=3des, aes128, aes256 enabled, rest disabled, DH Group=modp2048, Port Override=enabled | |
17 | 15. IP > IPSec > Proposals > default > Encryption Algorithms=aes128cbc&aes256cbc, PFS Group=none, Remove Lifetime |