Good evening. I’m going to be traveling in a few weeks and will need to be able to remote into one of my computers at home from my hotel. I want to get some configuration advice on the best way to achieve this since I’m new to RouterOS.
I have a 1GB/1GB fiber PPPOE connection wired directly into my RB750Gr3. The RB750Gr3 takes care of VLAN tagging, the PPPOE credentials, etc.
From there, the particular computer I will need to access is hard wired through a Cisco SG300-10PP switch.
I need to be able to remote desktop to this particular machine (Windows) from wherever I am. I figured a VPN set up might be the best option.
Hmmm, doesn’t look like MacOS supports SSTP. I’ll research it a bit more, thanks.
I configured L2TP/IPSec last night and have successfully connected using my iPhone and my Macbook. To make sure that there were no issues connecting off network, I had my brother connect from his place using an account I set up for him and its looks to be working ok.
Unfortunately, remote desktop from my Macbook to my PC won’t connect once I’m on the VPN. Teamviewer worked fine, but now it has me curious on what I’m missing since it only fails to RDP when i’m on the VPN.
Is your VPN on same IP Subnet as LAN? If so, my suggestion will be to use a separate IP Subnet for your VPN and then route between the networks.
Also make sure firewall allows Input / Forward chain rules for the VPN subnet in order to access LAN and Router via VPN.
If you want, you can post output from “export hide-sensitive” here, this will hide any passwords, etc and then manually remove serial number and software id (should be top of the export output) and mask sensitive IP’s such as WAN IP the last two octets with xx.xx, i.e. 196.40.xx.xx and we can see what and where needs changing / correcting
Well, I feel like an idiot. I set the IP pool for the VPN to 192.168.1.100 - 192.168.1.105 and it worked on the first shot. I guess it never occurred to me (networking isn’t my background) that there would be routing/gateway issues by having the VPN on the same subnet. I figured it would treat it just as if I was at home (this computer is 192.168.0.19 at home, 192.168.0.100 when VPN remote). Apparently not!
But, with that figured out, if you do see anything wrong with my config, or have any tips you could offer, I’m all ears. Thanks!
IPSec may not work everywhere. Hotspots may block it. Hotels will likely allow it. Our international airport blocks all obvious VPNs like IPSec, PPTP
https://www.softether.org/ is an “Open-Source Free Cross-platform Multi-protocol VPN Program”.
It can be daunting to learn, but with that on your Mac you’d be able to use SSTP.
Sometimes I use this on Windows when I want a reliable “Always On” SSTP VPN for road warriors.
SSTP works over TCP and uses certificates. If you use this on port 443 then you’ll have a lot of success getting through firewalls.
if you bring a tiny router with you, like a mAP-lite, then you can configure the SSTP client on the router, and use all your devices through it. It can even work as a repeater, when the only internet is over wireless.
@Jfdlew, excellent suggestion above, I will use it, also, if you do go this way, then you can setup a site to site SSTP VPN between the Mikrotiks and do not need certificates then
And another interesting feature what normis suggests:
Last vacation I was on the Canary islands… and the hotel had a 30 minute free internet. After that it blocks it.
I found out it does that based on MAC address. So if you make a scheduler that adds one digit up to the WiFi MAC address, then the hotel “thinks” that there is a new connected client. Worked for one week perfectly (after that the vacation was over… )
But if you see anything glaringly obvious that I need to do for security, please let me know. Thanks!
)