PPTP Link doesn't work between MT router & Windows-XP

Hello everybody,

I am having a problem establishing a PPTP link between my MT 450 RouterOS server and a Windows XP client. I have done everything from the documentation to configure my PPTP server and XP client, but I can’t establish a PPTP link over the Internet. I am able to access the RB450 router from within the same attached LAN through my Windows XP client, but when I try to access the RB450 from outside (over the Internet) it drops the connection, and when the connecting process goes through its “verifying username and password” step it gives me the error message “Error 619: a connection to the remote computer could not be established, the port used for this connection was closed”. Below is my configuration for the PPTP link between the MT 450 server and the Windows XP client:


RB450 setup at remote location:
Winbox --> menu --> IP --> Routes --> add(+) --> Destination: 0.0.0.0/0 --> Gateway: 192.168.0.1 (default internal IP of NetGear ADSL modem+router) --> Apply --> OK.

Winbox --> PPP --> Secrets --> Add(+) --> Name: ppp1 --> Password: ***** --> Service: pptp --> Profile: default --> Apply --> OK.

Then PPP --> Interface --> PPTP-Server --> Name: pptp-in1 --> User: ex1 --> Apply --> OK.
Then PPTP-Server: Enable --> mschap1, mschap2.

NetGear’s ADSL modem+router setup (model No: DM111PUSP)

http://192.168.0.1 --> web interface --> Advanced Setup --> Port Forwarding --> Application Type: PPTP VPN --> Add --> External Packet: All --> Protocol: TCP, GRE --> Port: 1723, 47 --> Internal Host IP: 192.168.0.x (assigned by ADSL modem+router to MT RB450 through its DHCP server) --> Save.

Firewall Rules: Disabled --> Save

DNS --> add DDNS --> HostName --> hostname.dyndns.org --> Username: Username of hostname account --> password: password used with hostname account --> Save/apply.

PC at Home:

Network connections --> create new connections --> connect to network at my places --> VPN connection --> company name: Mikrotik --> Public network: select don’t dial the initial connection --> VPN server selection --> Host name or IP address: hostname.dyndns.org --> Finish
--> connect Mikrotik window pops up --> User name: ex1 (used with pptp-server in secrets at RB450) --> password: ***** (used with pptp-server in secrets at RB450) --> “verifying user name and password” --> Error 619: Unable to establish VPN connection with remote computer.


Any help will be appreciated greatly.
Paams

Firstly there are plenty of examples on the wiki, online manual and here in the forum; you just need to take the time to search.

Secondly it would appear that you are trying to get the Netgear to be the router as well as the Mikrotik.

Why?

Hi Hilton! I have been studying hard and have tried for a week all of the techniques submitted in the online examples for MT, on the wiki and also on the forum, but I am afraid to say that no one helped me in establishing my PPTP link between the MT router and Windows XP.

Actually, I have done nothing more than try to configure the Netgear’s DSL modem for port forwarding to access the MT450 through it. Please help further with the PPTP setup, if I am missing something in my configuration.

Thanks,
Paams

If your PPTP VPN server works internally then it’s a question of getting the port forward working.

Can you telnet remote IP on 1723?

If not then it depends on if your Netgear is set-up correctly and if you have configured any drop rules on the Mikrotik.

Seriously though, I would change the netgear into bridge mode and use the Mikrotik as your proper router.

Generally, a 619 error means that the PPTP client on your computer cannot negotiate a connection with the VPN server. Unfortunately, there can be multiple causes for a 619 error. Check your MikroTik server’s log to see if there is something more sensible than just a general error.

Hi Hilton! Sorry to ask (a MT beginner), but please let me know which remote IP you are asking me to telnet on 1723 and how to telnet it from my home PC to the remote MT RB450? At the remote location where the RB450 is located I get a dynamic IP from the ISP, but I am running the dyndns.org registered hostname service on the Netgear modem/router and I do access my DSL Netgear modem/router through “myhostname.dyndns.org:8080” over the Internet from my home PC without any problem, but I am unable to access the MT RB450 connected behind it. Also there are no IP firewall filter rules configured on the MT RB450. Please let me know what firewall and NAT rules I need to configure and how to set them up on the RB450 when setting up the PPTP link.

Secondly, please let me know how to change my Netgear into bridge mode and use the MT as my proper router, as I had set this Netgear DSL modem+router to bridge mode to access the MT directly from it, but it lost the Internet connectivity to the attached MT behind it, as the ISP is providing the Internet connection through a PPPoE connection and the Netgear modem+router is acting as a PPPoE server and the MT RB450 is configured as a PPPoE client.

Looking for your further assistance.

Thanks,
Paams

Perhaps tell us what you’re trying to achieve in the end. Is it just a PPTP VPN Server?

Use this guide first;

http://wiki.mikrotik.com/wiki/How_to_Connect_your_Home_Network_to_xDSL_Line

Then this;

http://wiki.mikrotik.com/wiki/PPTPServer

For the netgear, look through the settings, it’s currently set to router mode. Make a backup of the settings and find something that says bridge or half-bridge. This will turn it into a modem which the Mikrotik may then use to dial out with.

Make sense?

Hi THG! Do I need to set some firewall and NAT rules to access the VPN server from the public side, like the Internet? There are no firewall and NAT rules configured on the remote MT RB450 to access it from outside. If this is the case please assist me with the firewall configuration to access the MT from outside.

Thanks,
Paams

Hi Hilton! Thank you so much for continuing to assist me and for the wiki guide. I’ll study it and let you know about it.

Yes! There is a bridge mode option on the ADSL Netgear modem+router. After switching the Netgear modem to bridge mode, could you please provide me with the Winbox configuration for establishing a PPPoE session for the RB450 and running a DHCP server on it for its DHCP clients, as I am already running a DHCP server on the RB450 for the DHCP clients on its LAN ports, and last time when I switched my modem to bridge mode I lost my Internet connection to the RB450. I think there was some configuration mistake when I switched the modem to bridge mode last time. I did it in a hurry that time. But I want to give it a try once again with a proper configuration according to your configuration guide for the modem as a bridge and the RB450 as a PPPoE client. Maybe this time it can solve my MT and Windows XP PPTP connectivity problem.

Hoping for your full configuration assistance for this setup with Winbox.

Thanks,
Paams

Well you need to do all this when you’re behind the netgear (logically not physically).

Don’t worry about DHCP yet, just get the router set-up as per that first guide. It covers pppoe and a basic firewall.

Thanks Hilton! I’ll get to the remote location to configure it as per your guide and let you know about it after coming back. Till then have a nice time.

Paams

Hi Hilton! I have switched my Netgear DSL modem+router at the remote location to bridge mode and run PPPoE and DHCP client sessions one by one on the RB450, but I am afraid to say that none of these sessions worked. The PPPoE client remained in dialing... and disconnecting mode, while when I tried a DHCP session, keeping the PPPoE session OFF, it kept remaining in search mode. Then I started an auto-detection process to check the connection type from the ISP and got these conclusions for the connection type from the ISP:


Scanning internet connection type:

PVC(8/35): No response
PVC(0/38): No response
PVC(0/35): Detected a PPPoE LLC/SNAP connection type from your ISP.

Back Next....

and set up this connection on the modem/router for Internet access. With this connection the RB450 worked well both as a PPPoE client and as a DHCP client with no problem at all.

Wait please! Got something! I messed with the configuration at the modem+router end and I found that DHCP must be ON at the modem to get Internet access at the RB450, and I kept it ON. Secondly, the extra thing I did was that I selected the "PPP IP extension" option with default route and deselected the "NAT" option on the DSL modem+router for WAN setup and restarted it. I didn't get any such options in the menu bar after restarting the modem+router, such as port forwarding, DMZ, Dynamic DNS, remote access etc. But the RB450 still gets connected to the Internet with a DHCP client session and got the same public IP address and gateway on the ether1 interface of the RB450 as is shown in the modem+router's WAN connection status window, assigned by the ISP. A PC connected to the internal network is getting an IP address assigned by the DHCP server on the RB450 and accessing the Internet without any problem. I didn't use to get this type of IP address and gateway on ether1 of the RB450 before; before, the IP address on ether1 was the one assigned by the DSL modem+router's DHCP server and the gateway was its default internal IP, i.e. 192.168.0.1 (for Netgear).

What do you say? Please let me know, is it a correct configuration? I think now the modem is actually bridged with the RB450 and it is the right configuration to make the PPTP link work between the RB450 and Windows XP. Sorry! I can't check the PPTP link today because of shortage of time, but I will try it tomorrow and let you know.

Waiting for your further assistance.

Thanks,
Paams

Hi Hilton! I am afraid to say that the problem still persists with Error 619 while my PC verifies the username and password to establish a connection with the PPTP server on the RB450. I think this is not a problem between the modem and the RB450, because the connection drops when it verifies the user name and password. It means the PPTP client is negotiating with the server, but the server is not letting it get access; please correct me if I am wrong. I have double-checked the PPTP server configuration and it’s okay! That’s because when I connect my PPTP client PC to the RB450’s local network it establishes the PPTP link with the RB450 after verifying the user name and password, but it drops the connection when I try to access it from outside (Internet). It seems that it requires proper configuration of firewall and NAT rules on the RB450. Please help me with the necessary firewall rules for the PPTP link on the RB450.

Thanks,
Paams

On the client side (Windows XP) check your public IP (http://whatismyipaddress.com).
On the server side add these as the first lines in ip firewall:

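# client_Public_IP is a placeholder for the public IP seen from the Windows XP client.
# Keep both rules above any drop rules in the input chain.
/ip firewall filter
add chain=input action=accept protocol=tcp src-address=client_Public_IP dst-port=1723 comment="Allow VPN PPTP"
add chain=input action=accept protocol=gre src-address=client_Public_IP comment="Allow VPN PPTP"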

If it is OK, change client_Public_IP to IP_Range1-IP_Range2, where IP_Range is a range of IPs that you are getting from your client provider, e.g. 89.122.0.0-89.122.255.255 (check http://whatismyipaddress.com from the Windows XP client for a few days).

Hi ktcomgrup! Please have a look at my configuration for port forwarding between the DSL modem and the RB450 at the remote location to make sure that it’s okay!


RB450 setup at remote location:
Winbox --> menu --> IP --> Routes --> add(+) --> Destination: 0.0.0.0/0 --> Gateway: 192.168.0.1 (default internal IP of NetGear ADSL modem+router) --> Apply --> OK.

Winbox --> PPP --> Secrets --> Add(+) --> Name: ppp1 --> Password: ***** --> Service: pptp --> Profile: default --> Apply --> OK.

Then PPP --> Interface --> PPTP-Server --> Name: pptp-in1 --> User: ex1 --> Apply --> OK.
PPTP-Server: Enable --> mschap1, mschap2.

NetGear’s ADSL modem+router setup (model No: DM111PUSP)

http://192.168.0.1 --> web interface --> Advanced Setup --> Port Forwarding --> Application Type: PPTP VPN --> Add --> External Packet: All --> Protocol: TCP, GRE (47) --> Port: 1723 --> Internal Host IP: 192.168.0.x (assigned by ADSL modem+router to MT RB450 through its DHCP server) --> Save.

Firewall Rules: Disabled --> Save

DNS --> add DDNS --> HostName --> hostname.dyndns.org --> Username: Username of hostname account --> password: password used with hostname account --> Save/apply.

PC at Home:

Network connections --> create new connections --> connect to network at my places --> VPN connection --> company name: Mikrotik --> Public network: select don’t dial the initial connection --> VPN server selection --> Host name or IP address: hostname.dyndns.org --> Finish
--> connect Mikrotik window pops up --> User name: ex1 (used with pptp-server in secrets at RB450) --> password: ***** (used with pptp-server in secrets at RB450) --> “verifying user name and password” --> Error 619: Unable to establish VPN connection with remote computer.


If I am missing something please correct me on the configuration.

I am a little bit confused about the internal IP of the RB450. In the port forwarding process on the DSL modem+router it asks me for Host Internal IP:_____________. What do I actually have to enter in this box: the internally assigned IP address of ether1 (the DSL modem’s LAN port is connected to ether1 of the RB450) or the IP address assigned by the DSL modem+router to its host, i.e. the RB450? I am using the one which is being assigned by the modem+router through its DHCP server to the RB450.

Secondly, I have tried all the configurations discussed so far in the Mikrotik documentation and wiki to establish a PPTP link, but with no success. Your configuration seems different and I will give it a try. Please let me know, did this setup work for you?

Thanks,
Paams

Ok. You use Netgear for routing and DDns.

Try this:
Winbox > PPP > Profiles > default >
Local address 192.168.0.1
Remote address 192.168.10.100 (if is free)
use Compression > Yes
use Encryption > Yes

But it is better in the end to use the NetGear in bridge mode as a modem and do the PPPoE ADSL, VPN, DHCP, firewall and everything with the MikroTik.

Check also
PPP --> Interface --> PPTP-Server --> Default Profile: default

Hi ktcomgrup! I have tried all of the above configuration and also tried switching my Netgear DSL modem+router at the remote location to bridge mode and running PPPoE and DHCP client sessions one by one on the RB450, but I am afraid to say that none of these sessions worked. The PPPoE client remained in dialing..... and disconnected..... mode, while when I tried a DHCP client session, keeping the PPPoE session OFF, it kept remaining in search mode. Then I started an auto-detection process to check the connection type from the ISP and got these conclusions for the connection type from the ISP:


Scanning internet connection type:

PVC(8/35): No response
PVC(0/38): No response
PVC(0/35): Detected a PPPoE LLC/SNAP connection type from your ISP.

Back Next....

and set up this connection on the modem/router for Internet access. With this connection the RB450 worked well both as a PPPoE client and as a DHCP client with no problem at all.

Is there any different configuration which can surely work for me?

Thanks,
Paams

First resolve PPPoE out from the RB450.
It is easier if you set PPPoE out from the local WEB interface (ex: 192.168.0.1:80) and set PPPoE and interfaces.
When switching from NAT to bridge on the Netgear your ISP will see a different device (MAC) and maybe it has some kind of protection. For example, in my country after I switch from router to bridge I have to keep the devices off for at least 30 min and after that power them on.
Right now I’m using a Mikrotik as PPPoE client + router + VPN server behind an ADSL device set as modem.

ktcomgrup, thanks! I’ll try once again to establish PPPoE client sessions on the RB450. Could you please provide me with the step-by-step configuration guide to set PPPoE out from the local WEB interface? I am confused by ex: 192.168.0.1:80. I am going to reset the RB450 and reconfigure it from the beginning once again.

Paams