Recently, I setup couple of PPTP VPN server for oversea clients.
Mr. chupaka was helping me and it working since 10 days ago.
Now, I setting up again PPTP server with Public IP distribution for same clients group.
At this moment. I'm using 4 kind Internet connection.
1. Dynamic 5 public IP 100m/100m 61.xxx.xxx.x/29 range from LG telecom
2. Dynamic 5 public IP 100m/100m 112.xxx.xxx.x/29 range from LG telecom
3. Static 5 public IP 50m/50m 112.xxx.xxx.x/29 range from LG telecom
4. Static C-class IP 50m/50m 218.yyy.yyy.y/24 range from SK Broadband.
I'm using 3 of IP from range1,2,3,4 each for 2 of 6 WAN PPTP server.(total 12 IPs)
So range 1,2,3 have 2 of remained IPs and Range 4 have 250 remained IPs
Problem is range 4 from SK Broadband's oversea bandwidth very poor.
So, I can't using range 4 directly for PPTP server.
Now i want to setup like this.
one of IP(xxx.xxx.xxx.xxx) from range 1 or 2, assign to ether2 of RB-450B with DDNS update for incomming transaction from clients,
assign 218.yyy.yyy.2 to ether1 of RB-450B for outgoing transaction to normal services with public IP address.
assign ip-pool 218.yyy.yyy.3~218.yyy.yyy.250 to distribute to clients.(total 248 clients)
assign 218.xxx.xxx.251 to RADIUS server.
So all client who access to this pptp server(DDNS) can get public IP address from IP-Pool.
I did configuration like this
/interface bridge
add arp=proxy-arp comment="" disabled=no name=lan
/interface ethernet
set 0 comment="" disabled=no name=ether1
set 1 comment="" disabled=no name=ether2
/ip pool
add name=pptp ranges=218.yyy.yyy.3-218.yyy.yyy.250
/ppp profile
add change-tcp-mss=default comment="" dns-server=DNSIP local-address=218.yyy.yyy.2 \
name=profile1-ppp remote-address=pptp
/interface bridge port
add bridge=lan comment="" disabled=no interface=ether1
/interface pptp-server server
set authentication=chap default-profile=profile1-ppp enabled=yes \
keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/ip address
add address=218.yyy.yyy.2/24 broadcast=218.yyy.yyy.255 comment="" disabled=no \
interface=ether1 network=218.yyy.yyy.0
add address=xxx.xxx.xxx.90/29 broadcast=xxx.xxx.xxx.95 comment="" disabled=no \
interface=ether2 network=xxx.xxx.xxx.88
/ip dns
set allow-remote-requests=yes primary-dns=DNS1IP secondary-dns=DNS2IP
/ip firewall service-port
set pptp disabled=no
/ip neighbor discovery
set ether1 discover=no
set ether2 discover=no
set lan discover=no
/ip route
add check-gateway=ping comment="" disabled=no distance=1 dst-address=\
0.0.0.0/0 gateway=xxx.xxx.xxx.89 scope=30 target-scope=10
add check-gateway=ping comment="" disabled=no distance=2 dst-address=\
0.0.0.0/0 gateway=218.yyy.yyy.1 scope=30 target-scope=10
/ppp aaa
set accounting=yes interim-update=5m use-radius=yes
/radius
add address=218.xxx.xxx.251 comment="" disabled=no secret=SECRET service=ppp timeout=2s
/radius incoming
set accept=yes port=1700
and resultely it working well.
but I don't understand how it work.
When client access to this server, can get public IP and also can browsing. but according to connection information (ipconfig/all) there are no gateway(windows 2008 server) or same IP with client Public IP itself(windows XP).
and I'm not sure but anyway CPU power consuming is higher then normal pptp server (which configuration with masguerade,NAT,Private IP-pool)
Can anyone guide me right place?