VPN into a VLAN (Working, SSTP)

RouterOS Beginner Basics
1

On my mikrotik router, I have VLAN3 reserved for network device mgmt. Address Pool: 172.16.2.50-172.16.3.254

Since Romon doesn’t work in a unifi switch environment, I need to login into the vlan for network devices, to manage my mikrotik switches and APs in the office, remotely.

My steps in creating a PPTP VPN for VL3:

  1. Create a new address pool called “VL03 VPN Pool”: 172.16.2.45-172.16.2.49

  2. Create a PPP Profile as such. 172.16.2.1 is the gateway of the VL3 network.
    z2.jpg

  3. Enable PPTP server tagged the following profile
    z1.jpg

  4. Added the user
    z3.jpg

  5. Created a rule to allow TCP 1723 to the mtik router.

  6. I can connect and authenticate to the PPTP Server but I cannot ping any devices in the VL3 subnet.

The setup seems too simple for a mikrotik. If I don’t get acid-reflux in the middle of learning how to implement a new feature in a mikrotik, I’m not doing something right. What am I missing.

2

I may be wrong but try enabling “Proxy-Arp” on the interface that the VLAN is attached to.

3

That did it! Thank you. No acid reflux after all.

4

In addition, instead of PPTP which is old and supposedly insecure, I’ve managed to utilise SSTP via another acid-reflux-free guide:
http://www.dr0u.com/mikrotik-setup-sstp-server-for-windows-10-client/