Hello,
I’m trying to configure VPN connectivity to my home lab and need a little guidance. I’ve been using PPTP, but with the need to make some changes, I figured I would move to a more secure protocol. Recommendations on a more secure protocol would be appreciated!
Hardware: RB1100AHx2
RouterOS 6.43.12
Goal:
I want to be able to set up two separate VPN tunnels:
- Tunnel 1 will allow my remote computer to behave as if it were actually on my home network. I’m doing this now with PPTP, but I understand that’s not really secure.
- Tunnel 2 will be used for my work laptop. I only want traffic destined for my home subnet to pass through the VPN tunnel, everything else should remain on the work network.
I can get Tunnel 1 figured out easily enough, but Tunnel 2 seems to be where I am having trouble. I spent some time playing around with it on PPTP before realizing I just needed to ask for some help. I was trying to use some firewall and NAT rules to allow or block traffic based on destination subnet, but I either wasn’t configuring them correctly or that was not the correct approach.
Found the following example online to show you what I was starting to play with:
/ppp profile add address-list=VPN_USER_client local-address=10.15.32.33 name=USER remote-address=ovpn-lan
/ip firewall address-list add address=10.0.0.10 list=VPN_USER_server
/ip firewall filter
add action=jump chain=forward jump-target=VPN_USER src-address-list=VPN_USER_client
add action=accept chain=VPN_USER dst-address-list=VPN_USER_server dst-port=3389 protocol=tcp
add action=drop chain=VPN_USER
Any assistance/guidance will be greatly appreciated!
Thanks!