Community discussions

MikroTik App
 
gutekpl
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 92
Joined: Wed Feb 20, 2019 6:31 pm

How safe is l2tp/ipsec VPN set on MikroTik by a noob?

Tue May 18, 2021 1:29 pm

Hi,
I recently set up VPN on my hAP AC^2 to get access to monitoring/NAS from the world. From what I heard this is the best solution to access private environment insted of exposing it directly to the internet via public IP. I am not networking pro so I used new Mikrotik Home app and checked "enabled" under VPN option. After that I edited L2TP and VPN secrets and changed them to 12+ characters, nondictionary passwords and also edited standard vpn profile name used to login to some uncommon one. Everything is working fine, connection from my Android phone is flawless, but in logs I see a lot of new red lines, which makes me a bit sceptic. I know there will be attempts like that, but I want to be sure I am in comply with best practices.
1.PNG
2.PNG
3.PNG
4.PNG
5.PNG
You do not have the required permissions to view the files attached to this post.
 
erlinden
Forum Guru
Forum Guru
Posts: 1920
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: How safe is l2tp/ipsec VPN set on MikroTik by a noob?

Tue May 18, 2021 2:41 pm

I would be worried about the fact that besides L2TP over IPSEC, you are also hosting PPTP. I would disable the latter, that will safe you a lot of logmessages.
 
gutekpl
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 92
Joined: Wed Feb 20, 2019 6:31 pm

Re: How safe is l2tp/ipsec VPN set on MikroTik by a noob?

Tue May 18, 2021 3:22 pm

Thank You, disabled. And how about SSTP?
I see that enabling VPN via app enabled those three together.
x.PNG
You do not have the required permissions to view the files attached to this post.
 
erlinden
Forum Guru
Forum Guru
Posts: 1920
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: How safe is l2tp/ipsec VPN set on MikroTik by a noob?

Tue May 18, 2021 5:52 pm

Would just use LT2P over IPSEC, that will do just fine.
 
gutekpl
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 92
Joined: Wed Feb 20, 2019 6:31 pm

Re: How safe is l2tp/ipsec VPN set on MikroTik by a noob?

Wed May 19, 2021 9:34 pm

Thank you, less of scary logs indeed.
 
erlinden
Forum Guru
Forum Guru
Posts: 1920
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: How safe is l2tp/ipsec VPN set on MikroTik by a noob?

Wed May 19, 2021 9:44 pm

You are very welcome!
 
User avatar
AdminAdmin123
just joined
Posts: 15
Joined: Thu May 20, 2021 12:51 pm
Location: Milano, Italy

Re: How safe is l2tp/ipsec VPN set on MikroTik by a noob?

Thu May 20, 2021 6:07 pm

First of all, don't use pptp 'cause it's too much insecure.
Second, a good L2TP over IPsec is the right choice for your vpn or, if you are not using in an "enterprise" way, openvpn server on Mikrotik with certificates and you're way good ahead

Who is online

Users browsing this forum: Adephx, Ahrefs [Bot], cmmike, morphema, uxertxo and 44 guests