VPN access into a 'home' network (behind a Mikrotik router)

nekemaznincs · December 12, 2014, 3:50pm

Hi,

I’d like to make a remote/external VPN access for some of hosts plugged into the Mikrotik router.
The setting looks simple (like in this post: http://forum.mikrotik.com/t/pptp-server-interface/83693/1) ,
but it doesn’t work.

That’s what I did till now (by Winbox):

in the PPP window: turned the servers on (PPTP,SSTP)
added PPP secrets (users who’ll use the VPN)
made server bindings for that two server
(after that I deleted these, it looked doesn’t matter if I make or not)

I saw that if I don’t give IP address for the PPP secret, it’ll log the “could not determine local IP address”
and the VPN logon process dead on the (remote) client. If I give IP address for the PPP secret and I add this
address as a secondary IP address at the client, it’ll log ‘login accepted’ after that I see “could not add address list:
empty list name not allowed (6)” and the VPN logon is dead (on the client).
I really don’t want to do actual IP address setting, rather I’d allot it to the DHCP.

Can anyone help me? What else I have to do for a ‘simple’ remote VPN logon?

Thanks in advance for your replies

ebreyit · December 14, 2014, 8:48pm

Checkout http://wiki.mikrotik.com/wiki/Manual:Interface/PPTP

Especially Connecting Remote Clients.

jmaria62 · December 16, 2014, 7:42am

Hi, I used this link recently and it works fine, spanish version.

http://inkalinux.com/foros/showthread.php?92-VPN-PPTP-Como-enlazar-Dos-Puntos-Remotos-Usando-PPTP-Server-PPTP-Client

nekemaznincs · December 16, 2014, 10:37am

Thanks, it’s a really good one, and google can translate it to english fine
But it’s about site2site VPN, between two Mikrotik routers. I’d like to connect a normal (Windows/Linux) workstation to a network behind a Mikrotik router.

nekemaznincs · December 16, 2014, 10:45am

Thanks, I knew this. The problem it doesn’t write anything about automatic IP addressing. When you connect eg. from your notebook to a remote network by VPN, you won’t do anythinbg about IP addressing, usually (or almost always) this thing managed by DHCP. That’s what I missed.

nekemaznincs · December 30, 2014, 11:55am

Hi,

here’s a short brief about how to set up PPTP which worked for me with the Ubuntu and Win7 internal clients. It can be useful
for another ‘rookie’ users, at least it would have been useful for me So the following is a little “Mikrotik PPTP VPN for dummies”

By WinBox menus:

“IP”–>“Pool”: make a new IP address pool, e.g. “VPN”-“192.168.7.2-192.168.7.100”. Be sure, that this address pool is a brand
new one without any overlap with the previous address pools (e.g if you use 192.168.5.0/24 for lan, use 192.168.6.0/24 for vpn).
“IP”–>“Address”: make a new address for the VPN, for example “Address=192.168.6.1/24”, “Network=192.168.6.0”,
“Interface=ether1…”
“PPP”–>“Profiles”–>“+”: make a new profile (e.g called as “VPN)” and set “Remote Address” to the previously
created address pools (“VPN” in the sample). “Local Address” should be the first address of the pool (in this example 192.168.6.1)
or you can use the defined IP pool.
“PPP”–>“Secret”: create users as needed and assign the previously created profile to them (no address setting required)
“PPP”–>“Interface”–>“PPTP Server”: turn on PPTP server and assign the prevoiusly created profile to it.
if you don’t have/use wifi feature on this router and wanna use internet while using VPN, you have to make a NAT:
“IP”–>“Firewall”–>“NAT”: create a new NAT, “Chain=srcnat”, “Out.interface=pppoe-out..”, action=“masquerade”