VPN providers are becoming more popular, and due to my countries recent data retention policies I’m considering one. I plan to have it setup on the Mikrotik to encrypt the whole subnet (a seperate VLAN in my case, really only 2-3 devices) I don’t really wan’t to use PPTP.
Can anyone recommend one? Who has experiencing using one with a Mikrotik device? I’m leaning towards NordVPN but not sure if it will work..
Thanks
@Musicso Did you have to disable, add or remove any specific rule filters to make it work?
I got Purevpn and Unlimited vpn which have almost identical configuration but I’m unable to use the service from the Mikrotik or anything behind it.
I have RouterOS 6.38.5 and a RB2011UiAS-2HnD, any feedback will be very welcome.
Hello all,
Do you have any other suggestion? As you know PPTP is not safe solution. Even on NordVPN tutorial site is written "Please note that PPTP is a very old VPN protocol, and is considered unsafe. Please use it at your own risk." Is it safe to use this protocol for P2P?
Maybe do you know other provider which support OpenVPN + Mikrotik?
Hello guys, I purchased a month of HideMyAss VPN. They even had an openvpn guide in their site.
However, my connection was flapping between connect/disconnect, until a support agent told me they were in the process of upgrading their servers for LZO Data Compression for the OpenVPN protocol. He told me to use PPTP. told him I will do so, however I won’t continue using HMA anymore in the future (thank god i purchased one month only).
I saw a post about PureVPN working with OpenVPN and Mikrotik.
Can someone confirm this??
Hi,
actually NordVPN with RoS 6.38.5, I have this :
Hope this helps
Thanks for the details.
This article https://www.bestvpn.com/blog/4147/pptp-vs-l2tp-vs-openvpn-vs-sstp-vs-ikev2/ explains a lot regarding differences between PPTP, L2TP, OpenVPN, SSTP & IKEv2 type VPNs, and after reading through many of such articles I think the best protocol security-wise is to go with OpenVPN.
I don’t know why, but RoS developers don’t seem to care much for commercial VPN compatibility.
One workaround I thought of, is maybe use MetaROUTER to setup an Openwrt virtual router and setup OpenVPN functionality on that instead of the Mikrotik device itself. What would be your thoughts on this?
Hello my friend.
Where are you from?
I am creating a non-profit VPN server only for helping people in certain " countries", maybe like yours.
If you qualify for my VPN-server you can get an affordable bandwidth using l2tp-ipsec service
Write me in private..
Currently, the most up-to-date VPN are based on OVPN or IKEv2. OVPN seems to be the most secure today, but IKEv2 is quite good to but seems to not to be most adapted to VPN provider application. IKEv2 is,in my opinion, better in company environment.
The solution you suggest is probably to only one to make ovpn work on Mikrotik until dev add the last option that would permit us to connect.
Anyway, it should work, but after that it’s always a problem of reliability. Doing virtual router, on a physical router is not the simpliest way.
We should pray for TLS authentication witrh OVPN natively supported on RoS 
Hello Gartox,
may I ask what you did to enable L2TP/IPsec with NordVPN?
I have massive problems with the IPsec part (when I use L2TP without IPsec vpn works like a charm. As soon as IPsec is activated, connection is not stable.
Please see also this thread with my config and question: http://forum.mikrotik.com/t/problem-with-l2tp-ipsec-vpn-client/110139/1
Cheers,
Sebastian
I did nothing very special, just activate IPSec in the L2TP Interface config.
Here’s my config to compare :
[gart@MikroTik] > /ip ipsec peer print
address=185.145.66.250/32 auth-method=pre-shared-key secret=“nordvpn” generate-policy=port-strict policy-template-group=default exchange-mode=main-l2tp send-initial-contact=yes nat-traversal=yes proposal-check=obey hash-algorithm=sha1 enc-algorithm=aes-256,aes-192,aes-128,3des dh-group=modp1024 lifetime=1d dpd-interval=2m dpd-maximum-failures=5
[gart@MikroTik] > /ip ipsec policy print
src-address=X.X.X.X/32 src-port=1701 dst-address=185.145.66.250/32 dst-port=1701 protocol=udp action=encrypt level=require ipsec-protocols=esp tunnel=no proposal=default priority=0 ph2-count=0
[gart@MikroTik] > /ip ipsec proposal print
name=“default” auth-algorithms=sha512,sha256,sha1,md5,null enc-algorithms=aes-256-cbc,camellia-256,aes-192-cbc,camellia-192,aes-128-cbc,camellia-128,3des,blowfish,twofish,des,null lifetime=30m pfs-group=none
Nothing more than the dynamically generated rules.
Maybe change the server at NordVPN, I was stuck at the begining during some days, I couldn’t understand the issue because my config was really good… the issue was coming from the NordVPN server !!!
I did a little summup of L2TP/IPSec for NordVPN here :
http://forum.mikrotik.com/t/l2tp-ipsec-client-issue/107703/1
take a look at it.
Also take care of your firewall incoming rules maybe you missed a protocol.
best reagards
Hello.
I have problem with the NordVPN, it cant connect. I follow all instructions on the NordVPN web and something goes wrong.
My knowledge is not big about RouterOS, If someone like to help me to configure this I will give VPN access to the router.
Thanks a lot.
Damn! Haven’t touched this topic for a while, but FINALLY someone came up with a working OpenVPN implementation! Finally, 2018, some hope for Mikrotik!
SaferVPN.com
https://support.safervpn.com/hc/en-us/articles/115004435985-Setup-OpenVPN-manually-on-Mikrotik-Router
Another provider that has support with RouterOS, is a pity that version Beta v7.0.0 can be expected to have UDP support over OpenVPN …
https://vpnptp.com/openvpn.html
https://vpnptp.com/l2tp.html
Regards.
NordVPN is fine for me.
I am talking about a truly secure VPN. Not a simple PPTP vpn. PPTP is so insecure it’s like putting down your pants in front of your ISP 
Awesome news! Finally!
NordVPN now officially supports Mikrotik with ROS firmware version v6.45++
https://support.nordvpn.com/Connectivity/Router/1360295132/Mikrotik-IKEv2-setup-with-NordVPN.htm
Under which stone did you stay for almost a year?
Look at the date under this page: https://wiki.mikrotik.com/wiki/IKEv2_EAP_between_NordVPN_and_RouterOS
Also it was Mikrotik supporting IKEv2 VPN connections and not the other way around as you state.