Difference between revisions of "Configure VPN Server"

From Idrive
Jump to navigation Jump to search
(Blanked the page)
 
(85 intermediate revisions by the same user not shown)
Line 1: Line 1:
Before start configure VPN server download the [http://download2.mikrotik.com/winbox.exe Configuration tool for RouterOS].
 
  
Run Winbox.exe and wait 5-10 sec. until the IP and MAC adress will apear.
 
 
 
 
[[File:Mikrotik1.png|center]]
 
 
 
A pop-up window will apear and choose "Remove Configuration" otherwise the router will create a default configuration.
 
 
 
[[File:Mikrotik2.png|center]]
 
 
 
First step is to create a static IP for your internet connection.
 
 
 
[[File:Mikrotik3.png|center]]
 
 
 
Select "Addresses" from "IP" and click the plus sign.
 
 
 
[[File:Mikrotik4.png|center]]
 
 
 
We used IP 10.3.0.80 which is a local IP from the main router IP Pool and
 
we have forwarded the 1723 port.
 
 
 
[[File:Mikrotik5.png|center]]
 
 
 
Route IP for internet access.
 
 
 
[[File:Mikrotik6.png|center]]
 
 
 
Add IP 0.0.0.0/0 in "Dst. Address:" box. In "Gateway" box add your gateway.
 
 
 
[[File:Mikrotik7.png|1024px|center]]
 
 
 
Select "Bridge" from the left menu and add new bridge.
 
 
 
[[File:Mikrotik8.png|1024px|center]]
 
 
 
From the same interface select "Ports" tab and add interfaces ether1 and ether2 to "bridge_internet"
 
 
 
[[File:Mikrotik9.png|1024px|center]]
 
 
 
[[File:Mikrotik10.png|1024px|center]]
 
 
 
Now repeat the step above and create a new bridge.
 
 
Make sure the "ARP" is disabled!
 
 
 
[[File:Mikrotik11.png|1024px|center]]
 
 
 
From the same interface click on "STP" tab, check "Protocol mode: rstp" and apply.
 
 
 
[[File:Mikrotik12.png|1024px|center]]
 
 
 
Select "Ports" tab from the "Bridge" interface and add new bridge port.
 
 
Select "ether3" and "bridge_tunnel" from the drop-down list.
 
 
 
[[File:Mikrotik13.png|1024px|center]]
 
 
 
Create a third bridge, "bridge_local" with "ARP" enabled and add MAC Address: 00:00:5E:80:01:01.
 
 
Select "STP" tab, check "Protocol mode: rstp" and apply.
 
 
 
[[File:Mikrotik14.png|1024px|center]]
 
 
 
[[File:Mikrotik15.png|1024px|center]]
 
 
 
Return to the IP->Address List interface and add "192.168.0.2/16" to "bridge_local".
 
 
 
[[File:Mikrotik16.png|1024px|center]]
 
 
 
Select "Profiles" tab from PPP interface add new profile.
 
 
From the "General" tab fill the new profile name and select "bridge_tunnel" from drop-down list.
 
 
Select "Protocols" tab and check "yes" from "Use Encryption".
 
 
 
[[File:Mikrotik17.png|1024px|center]]
 
 
[[File:Mikrotik18.png|1024px|center]]
 
 
 
From PPP interface select "Secrets" tab and create new secret.
 
 
Fill with the name and password and select the profile you have created above.
 
 
 
[[File:Mikrotik19.png|1024px|center]]
 
 
 
Select "SSTP Server" from PPP->Interface, check 1723 port, select "default-encryption" and uncheck "pap" and "chap" authentication.
 
 
 
[[File:Mikrotik20.png|1024px|center]]
 
 
 
If the VPN client is configured the connection will start automatically. If the VPN client is not configured, check [[Configure VPN Client]].
 
 
To check active connection select PPP->Active Connection or Bridge->Ports.
 
 
 
[[File:Mikrotik22.png|1024px|center]]
 
 
 
Add the rest of interfaces to "bridge_local" in order to use the router in network.
 
 
 
[[File:Mikrotik21.png|1024px|center]]
 

Latest revision as of 18:16, 7 November 2014

Retrieved from "https://admincenter.idriveglobal.com/wiki/index.php?title=Configure_VPN_Server&oldid=3646"