VPN Configuration

Hello Masters,
I need your help to configure my VPN at different Sites.

The senario is mentioned below.

SITE 1

Router with two LAN Card.
WAN : 192.168.1.2 (GW is 192.168.1.1) with Internet.
LAN : 10.0.0.1/24 Office Network


SITE 2

Router with two LAN card
WAN : 192.168.0.2 (GW is 192.168.0.1) with Internet.
LAN : 20.0.0.1/24 Office Network.


Some Servers are located in my HO, Site 1 and i want to access all that from my Branch Office, Site 2.

Please help me to configure, I am using MT 2.9.29.

Well first thing i we need to know is what type of encryption are you planning on needing? There are many different ways to accomplish a VPN tunnel. You could use IPsec, EOIP, and PPTP.

A great place to start off with good examples of exactly how to accomplish it would be at http://wiki.mikrotik.com/wiki/Tunnels

Hi,

Firstly, I wouldn’t use Public IP’s in the LAN side of the site two, because if you have to access any web page which has any IP of the range 20.0.0.0/24 you will not be able to access it, since the requests will be forwarded to your LAN.

Secondly, the easiest way is to configure IPIP tunnels for these both sites, the configuration would be something like this:

Router-1
interface ipip add name=Tunnel-1 local-address=192.168.1.2 remote-address=192.168.0.2 disabled=no
ip address add address=172.16.0.1/30 interface=Tunnel-1
ip route add dst-address=20.0.0.0/24 gateway=172.16.0.2

Router-2
interface ipip add name=Tunnel-2 local-address=192.168.0.2 remote-address=192.168.1.2 disabled=no
ip address add address=172.16.0.2/30 interface=Tunnel-2
ip route add dst-address=10.0.0.0/24 gateway=172.16.0.1

If you need encryption you can use than IPSec.

I hope this would help you.

Regards.

Faton