A Mikrotik implementation of Hamachi-like VPN network

Hello

It seems that more and more users want to “emulate” a LAN between their different sites via VPN connections, so that all their computers, wherever they are in the world, are accessible and visible on a “virtual” secure and private LAN.

Hamachi is the commercial example of this, allowing all computers running it to be “virtually” present on the same “virtual” LAN. Protocols such as file sharing, or direct TCP/UDP connections (secure) are made possible between those machines scattered around the Internet. Even the multicast Bonjour protocol is working perfectly.

The only problem is that every PC needs to run Hamachi… and also that Hamachi is now only commercially available.

Netgear has developed Leaf Networks that simplifies this, as it can be installed at the router level of each site, and not at the PC level.

Has Mikrotik come with a similar solution ?

It would be great to easily configure all my Mikrotik routers on different sites, so that all the computers behind them look like they are on the same private LAN. And for Mac users, the multicast protocol Bonjour should also work between them so that they can see each other with AFP and Finder, as if they were on the same physical LAN.

Hamachi and Netgear (and a few others) make it work, why not Mikrotik ?

There must definitely be a way of configuring this at the router level with RouterOS, with Ethernet over IP or vpn, …

But as Hamachi seems to limit unnecessary “idle” traffic so that it does not overflow the bandwidth with useless packets, I believe the configuration between multiple sites is quite tricky.

So either a Wiki page with a full configuration sample, or (even better!!!) a new ready made “one-click” configuration option in RouterOS would be highly appreciated. ---- Paldies :slight_smile:

I don’t know Hamachi or Leaf Networks, but they seem to be just a simplified VPN.
If you have RouterOS-based equipment on different sites, they already know many VPN protocols, which are not so difficult to configure. Anything that involves a road-warrior client must deal with local configuration and maybe problems in the path to your sites, but again you have different protocols you can use on RouterOS to connect a host to a LAN.

If you are just looking to the one-click… maybe you don’t know the complexity of life.

Thanks. I just hope someone who knows hamachi can see this message.

Complexity of life ? Do you want to study the full pppoe protocol instead of using the one-click pppoe client option offered on Mikrotik ? :slight_smile:

Hamachi and similar solutions need a ‘mediation server’ to work.
Who should maintain this server (or servers)? MikroTik? For free?

Regards,

Yes, but i would have imagined one central Mikrotik router amongst my network doing that job… :slight_smile:

… no, I like one-click, but when something does not function, either you understand some aspects of the protocol or you will not know how to fix it.

The great thing with Mikrotik is that you can do things that you can’t imagine in same-price products, and this is because on Mikrotik you have full control, not a three-parameter web interface. But full control is nothing if you don’t understand the parameters you change.

+1 of this!!!

You can use any tunnel that provides layer 2 connectivity, for example L2TP
http://wiki.mikrotik.com/wiki/Manual:Interface/L2TP

To create a seamless network, especially if you are making this between RouterOS devices, you can bridge the tunnel endpoints, making it completely transparent.

You will have to organize firewall to filter out unwanted packets using rate limitations.
http://wiki.mikrotik.com/wiki/Firewall_filter

Thanks, that is a good start.

Does anyone feel like writing an example on the wiki ?

todo:
1st create a L2TP tunnel between 2 routers
2nd bridge both ends of tunnel with LAN interface
3rd check if address-space used is the same on both ends
4th check how much management traffic you have over the tunnel, if required, set up firewall with rate limitation
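
A RouterOS sketch of steps 1 and 2 of the list above, added here as an example and not taken from any poster or from MikroTik's wiki. It assumes RouterOS v6 with `use-ipsec` support, carries Ethernet frames over the PPP session through the profile's `bridge=` setting (BCP), and wraps the tunnel in IPsec because L2TP on its own does not encrypt; interface names, addresses, user names and secrets are placeholders.

```routeros
# ---------- Site A: L2TP server (placeholder public IP 203.0.113.10) ----------
/interface bridge add name=bridge-lan
/interface bridge port add bridge=bridge-lan interface=ether2

# PPP profile that attaches every session using it to the LAN bridge (BCP)
/ppp profile add name=l2-bridge bridge=bridge-lan use-encryption=yes

# One account per remote site, so a single site can be revoked on its own
/ppp secret add name=siteB password=CHANGE-ME-LONG-RANDOM service=l2tp profile=l2-bridge

# MRRU lets full-size Ethernet frames cross the tunnel; IPsec protects L2TP
/interface l2tp-server server set enabled=yes default-profile=l2-bridge \
    mrru=1600 use-ipsec=yes ipsec-secret=CHANGE-ME-PSK

# Only the known peer (placeholder 198.51.100.20) may reach IKE/NAT-T/ESP,
# and L2TP that did not arrive inside IPsec is dropped.
# Place these above any general drop rule in the input chain.
/ip firewall filter
add chain=input protocol=udp dst-port=500,4500 src-address=198.51.100.20 action=accept
add chain=input protocol=ipsec-esp src-address=198.51.100.20 action=accept
add chain=input protocol=udp dst-port=1701 ipsec-policy=in,none action=drop
add chain=input protocol=udp dst-port=1701 src-address=198.51.100.20 action=accept

# ---------- Site B: L2TP client ----------
/interface bridge add name=bridge-lan
/interface bridge port add bridge=bridge-lan interface=ether2
/ppp profile add name=l2-bridge bridge=bridge-lan use-encryption=yes
/interface l2tp-client add name=l2tp-to-siteA connect-to=203.0.113.10 \
    user=siteB password=CHANGE-ME-LONG-RANDOM profile=l2-bridge \
    mrru=1600 use-ipsec=yes ipsec-secret=CHANGE-ME-PSK disabled=no

# ---------- Step 3 reminders (both sites now share one broadcast domain) ------
# - use the same subnet on both LANs, with no duplicate host addresses
# - run a DHCP server on one site only, or give each site a non-overlapping pool
# - check the result with: /interface bridge port print
#   (the tunnel should appear as a dynamic port of bridge-lan on both routers)
```

Once the bridge is up, every broadcast and multicast frame from either LAN crosses the WAN link, which is what step 4's rate limiting is meant to contain.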