Hello,
I have CRS326-24G-2S+RM router at my office and RB760iGS at home, and i would like to setup a secure VPN. I am a newbie to this, can i get some help please?
Thank you.
Wireguard
L2TP/IPsec
Openvpn
Pick one.
Help pages from Mikrotik describe setups for each of them.
Personal favorite: wireguard. Outperforms all the others.
The CRS326 is what I would call a great L3 switch with HW-offloading functionality if used within it’s documented capabilities. (I use them as L3 switch with HW routing, OSPF, and iBGP. Works very reasonable for a small L3-network)
Any high intensity CPU tasks on this device is gonna perform terrible overall. For tasks that are CPU bound. And unable to be offloaded. (e.g. firewall, VPN performance).
I would expect even RB760iGS can deliver you better performance than the CRS326 when used for vpn server/client endpoint.
mikrotik.com/products/compare/CRS326-24G-2SplusRM+RB760iGS - 1C1T vs 2C4T (C, cores, T, threads)
That being said
You can use it as a router or VPN gateway.
Just do not expect the very greatest of firewall/vpn performance for a device that is meant to be a switch.
See the documentation for getting started with a VPN solution on MT:
https://help.mikrotik.com/docs/display/ROS/Virtual+Private+Networks
Wireguard is the simplest to get going with. In terms of configuration required.
ZeroTier will require at minimum a free account with ZeroTier.com. & connecting your ZeroTier clients with your account.
- Both OpenVPN and WireGuard requires at least one end of the tunnel has a public IP.
- ZeroTier uses Network Address Translation Holepunching to be able to connect multiple clients behind CGN IP’s together.