camscape - for excellent IT solutions itkb.ro - IT knowledge base

Title: Mikrotik L2TP IPSEC VPN
Tags: mikrotik, l2tp, ipsec
Desc.: Mikrotik L2TP IPSEC VPN
Code: KBMIK0006 v1.0
Date: 12 May 2025

This is the default VPN access method for a Mikrotik router. Use it to connect to the router from outside.

Create a pool named l2tp_pool from which VPN clients will get their IP addresses.

/ip pool add name=l2tp_pool ranges=172.18.3.2-172.18.3.10

 

Add a custom profile under PPP / Profiles for the VPN clients. Do not use encryption if connecting with an Ubuntu client; otherwise set use-encryption=required.

/ppp profile add name=l2tp local-address=172.18.3.1 remote-address=l2tp_pool use-encryption=no

 

Add VPN users with passwords.

/ppp secret add name=A_USER_NAME password=A_PASSWORD profile=l2tp service=l2tp

 

Enable the L2TP server with IPsec, using a pre-shared key (PSK), so that traffic is encrypted.

/interface l2tp-server server set enabled=yes use-ipsec=required \
    ipsec-secret=IPSEC_PSK authentication=mschap2 \
    caller-id-type=ip-address default-profile=l2tp

 

Add a firewall rule to allow connections to the L2TP (UDP 1701) and IPsec (UDP 500, 4500) ports. Check that this rule sits in the input chain before any deny-all rule.

/ip firewall filter add action=accept chain=input protocol=udp dst-port=500,1701,4500
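
A tighter form of the firewall step, as an added example that is not part of the original article. It assumes a drop rule already exists later in the input chain; the rule comments are illustrative. It splits the single rule so that L2TP is accepted only when it arrives inside IPsec, and adds ESP for clients that are not behind NAT.

```routeros
# Added example (not from the original article). Rule comments are illustrative.
# Original step, one broad rule: UDP 1701 is reachable without IPsec.
#   /ip firewall filter add action=accept chain=input protocol=udp dst-port=500,1701,4500

/ip firewall filter
# IKE (500) and IPsec NAT-T (4500) must be reachable to negotiate the tunnel.
add chain=input action=accept protocol=udp dst-port=500,4500 comment="l2tp-ipsec: IKE, NAT-T"
# ESP carries the traffic instead of UDP 4500 when no NAT sits between client and router.
add chain=input action=accept protocol=ipsec-esp comment="l2tp-ipsec: ESP"
# Accept L2TP only when the packet was decapsulated from IPsec.
add chain=input action=accept protocol=udp dst-port=1701 ipsec-policy=in,ipsec comment="l2tp-ipsec: L2TP inside IPsec"

# Confirm the three rules sit above the drop rule in the input chain.
print where chain=input
```

Plain L2TP on UDP 1701 that did not arrive through IPsec then falls through to the drop rule.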