VPN with static routes on client side (without default gateway)

Hi, can I ask for advice with my problem? I have a task: my Mikrotik is working as a PPTP VPN server, and clients from another office connect through the VPN to my local network to gain access to internal services. Everything is OK except one thing: so as not to load my ISP channel, I need to disable the “use default gateway” option in the VPN connection properties on the client side (Windows OS) and add a static route for access to my local network. Is there any protocol or maybe another VPN technology that can include static routes in the VPN connection and transfer them to the client, so that I would not have to write static routes on the client side, and at the same time clients would use their own ISP for surfing the internet? Thank you.

Hi Kelariee,

I’m not an expert on Mikrotik, but it sounds like you are referring to the use of split tunneling on the client side.

Link is found here:
https://wiki.mikrotik.com/wiki/Manual:IP/IPsec
or a Google search for mikrotik ipsec split tunnel should bring up the same page.

Hope this helps
Frank

To state that more explicitly than @fsebera - currently, RouterOS doesn’t support “route push” for any other VPN protocol but IPsec. And it must be bare IPsec - route push doesn’t work if you use IPsec to protect any “usual” tunnel like IPIP or GRE.

For the embedded VPN client on Windows, you must use IKEv2 with certificates for this to work.

For non-Mikrotik IPsec peers, the route pushing is often limited to a single destination prefix.

Thank you for the replies, I hoped for a miracle, but it seems like real life as usual :smiley:

With Windows you do have the option of the VPN client adding class-based routes instead of a default route. Not that useful if you use 192.168.x.x for your local networks as the route is a /24, but 172.16.x.x - 172.31.x.x having a /16 route and 10.x.x.x having a /8 route work well.

Also, as PPTP with MSCHAPv2 authentication and MPPE (RC4) encryption have known insecurities, consider any of the other VPN methods available on Mikrotiks.
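
The class-based route behaviour described in the post above, worked through as an added example that is not part of the original thread: given the address the VPN server hands to the client, it derives the classful route Windows would add and reports which internal subnets still need an explicit route. All addresses and subnets are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

def classful_route(assigned_ip):
    """Class-based network for the address assigned to the VPN interface.

    Follows the rule stated in the post: 10.x.x.x -> /8,
    172.16.x.x - 172.31.x.x -> /16, 192.168.x.x -> /24 (classes A, B, C).
    """
    ip = ipaddress.IPv4Address(assigned_ip)
    first_octet = int(ip) >> 24
    if first_octet < 128:
        prefix = 8      # class A
    elif first_octet < 192:
        prefix = 16     # class B
    elif first_octet < 224:
        prefix = 24     # class C
    else:
        raise ValueError(f"{ip} is not a unicast class A/B/C address")
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)

def split_tunnel_plan(assigned_ip, internal_subnets):
    """Return (route, covered, missing) for the given internal subnets.

    covered: subnets reachable through the class-based route alone.
    missing: subnets that still need a static or pushed route.
    """
    route = classful_route(assigned_ip)
    covered, missing = [], []
    for subnet in internal_subnets:
        net = ipaddress.ip_network(subnet)
        (covered if net.subnet_of(route) else missing).append(net)
    return route, covered, missing

if __name__ == "__main__":
    # Constructed sample: VPN pool addresses and office subnets.
    cases = [
        ("10.8.0.12", ["10.1.0.0/24", "10.2.0.0/16", "192.168.88.0/24"]),
        ("172.20.5.9", ["172.20.40.0/24", "172.21.0.0/24"]),
        ("192.168.88.200", ["192.168.88.0/24", "192.168.10.0/24"]),
    ]
    for ip, subnets in cases:
        route, covered, missing = split_tunnel_plan(ip, subnets)
        print(f"client {ip}: class-based route {route}")
        print(f"  covered: {[str(n) for n in covered]}")
        print(f"  needs explicit route: {[str(n) for n in missing]}")
```

The /8 case also shows the trade-off: every 10.x.x.x destination goes into the tunnel, including any 10.x.x.x network that exists only on the client's own side.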