I have set up my new Mikrotik router and have already configured VLAN, network and firewall. So all is working fine … only VPN is my problem, which I cannot get running.
I am trying to use L2TP over IPsec and IPsec Xauth, but no success with either. I see incoming information in the log, but L2TP seems to get no data through the channel and stops after some tries… IPsec Xauth is active on the Android phone for a short time, 2 secs or so, and then closes the connection. On Remote peer I see the Source IP was still 0.0.0.0…
My config:
The internet connection has a dynamic IP with DynDNS … so I connect to that DNS entry…
A Fritzbox from the local provider is used for internet dial-in, on the internal network at 192.168.10.254 … the Mikrotik has its Eth1 on 192.168.10.1 and the Fritzbox forwards everything as exposed host to 192.168.10.1 (Mikrotik).
My internal network that I want to connect the VPN to (Android and iOS phones) is 192.168.11.0/24 (Eth2 / VLANx).
Which is the best solution here to get VPN running, and is there any example config I can use for this setup where both sides have dynamic IPs?
Using WinBox, under Quick Set there is a VPN option. Enable “VPN Access” and enter a secret. This works for me for iOS and MacOSX using the L2TP/IPSEC VPN clients. You log in using user “vpn” and you set the secret and password to the secret you entered on the Quick Set page. I also had to add firewall filter rules to open ports 500 and 4500 to get it to work.
To connect from your client you need to know the IP of the MikroTik with the dynamic IP. Again in WinBox, open IP->Cloud. You will see a dialog box to enable a dynamic DNS for your router. Enable this and you can then connect to your router at XXX.sn.mynetname.net from your client.
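
For reference, a RouterOS CLI sketch of the setup described in this answer, limited to L2TP/IPsec (an added example, not part of the original posts and not the configuration Quick Set itself generates). The interface name ether1, the 192.168.89.0/24 client pool, the profile name and the angle-bracket secrets are assumptions; 192.168.11.0/24 is the internal network from the question.

```routeros
# Added example. Values in <...> are placeholders; pool range, profile name
# and the WAN interface name (ether1) are assumptions.

# Address pool and PPP profile for VPN clients, kept separate from 192.168.11.0/24
/ip pool add name=vpn-pool ranges=192.168.89.2-192.168.89.254
/ppp profile add name=vpn-profile local-address=192.168.89.1 \
    remote-address=vpn-pool use-encryption=required

# The "vpn" user mentioned in the answer, restricted to the L2TP service
/ppp secret add name=vpn password="<user-password>" service=l2tp profile=vpn-profile

# L2TP server that refuses any session not wrapped in IPsec
/interface l2tp-server server set enabled=yes use-ipsec=required \
    ipsec-secret="<pre-shared-secret>" default-profile=vpn-profile \
    authentication=mschap2

/ip firewall filter
# Ports 500 and 4500 from the answer: IKE and IPsec NAT-T. NAT-T matters here
# because the MikroTik sits behind the Fritzbox as exposed host.
add chain=input in-interface=ether1 protocol=udp dst-port=500,4500 \
    action=accept comment="IKE / IPsec NAT-T"
# ESP for clients that reach the router without NAT in between
add chain=input in-interface=ether1 protocol=ipsec-esp \
    action=accept comment="IPsec ESP"
# Accept L2TP only when the packet arrived through an IPsec policy,
# and drop any attempt to reach UDP 1701 in the clear
add chain=input in-interface=ether1 protocol=udp dst-port=1701 \
    ipsec-policy=in,ipsec action=accept comment="L2TP inside IPsec only"
add chain=input in-interface=ether1 protocol=udp dst-port=1701 \
    action=drop comment="unencrypted L2TP"
# Let VPN clients reach the internal network from the question
add chain=forward src-address=192.168.89.0/24 dst-address=192.168.11.0/24 \
    action=accept comment="VPN clients to internal LAN"

# Dynamic DNS name (the XXX.sn.mynetname.net address from IP->Cloud)
/ip cloud set ddns-enabled=yes
```

Rules added this way are appended to the end of each chain, so move them above any existing drop rule in `input` and `forward` before testing.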