Page 1 of 1

Ready-to-go IPSec+L2TP config?

Posted: Fri May 09, 2014 12:09 am
by alexburke
Hello!

Does anyone have a ready-to-go IPSec+L2TP VPN configuration to add to an existing router config running a fairly simple NAT setup? The clients would be iOS and/or OS X.

Also, how can one prevent connection to the L2TP server without going through the IPSec first, to ensure that all connections absolutely must be encrypted?

Thanks in advance!

Re: Ready-to-go IPSec+L2TP config?

Posted: Fri May 09, 2014 5:30 am
by Nollitik
As an Apple MacOS user myself, you might be the first to provide the ready-to-go L2TP over IPsec...so prepare a great presentation for us all. Having said that, this link might offer you some insight despite the road warrior setup for Windows:

http://mum.mikrotik.com/presentations/HR13/kirnak.pdf

I am currently working on the very same setup in RouterOS v6.12 only to discovered bugs and hope Mikrotik support clears that soon. Then on top on that, I had upgraded to Mavericks 10.9.2 and discovered (client side) that the VPN issue was NOT fixed if one didn't apply the patch in 10.9.1 (see here: https://discussions.apple.com/thread/5951305?tstart=0).

So, we're at a standstill waiting for bugs to be fixed...pray!

Re: Ready-to-go IPSec+L2TP config?

Posted: Fri May 09, 2014 9:34 am
by tomaskir
As mentioned previously, see my presentation about L2TP/IPSec setup itself.

Video also linked in my sig.

Re: Ready-to-go IPSec+L2TP config?

Posted: Sat May 10, 2014 11:15 am
by Nollitik
As mentioned previously, see my presentation about L2TP/IPSec setup itself.

Video also linked in my sig.
It's VERY difficult to follow along with your video as the background noise is more audible and a turn off. May I suggest fine tuning your presentation so your voice clearly heard!

Also, today's road warrior comes with different devices that include MacOS, IOS, Android, etc...not just Windows 7. As more folks deploy a server and surveillance in the home, VPN become an important tool that the non-IT person needs simple instructions for setting up guidance. You could help to provide that solution.

Re: Ready-to-go IPSec+L2TP config?

Posted: Sat May 10, 2014 8:44 pm
by tomaskir
As mentioned previously, see my presentation about L2TP/IPSec setup itself.

Video also linked in my sig.
It's VERY difficult to follow along with your video as the background noise is more audible and a turn off. May I suggest fine tuning your presentation so your voice clearly heard!

Also, today's road warrior comes with different devices that include MacOS, IOS, Android, etc...not just Windows 7. As more folks deploy a server and surveillance in the home, VPN become an important tool that the non-IT person needs simple instructions for setting up guidance. You could help to provide that solution.
The video and audio is recorded by Mikrotik on the MUMs - I only make the presentation.

As for client devices, you have to figure out yourself how to configure the client, I dont have all 10 possible client devices to test and screenshot and show.
This presentation is about MikroTik, not about Windows, Mac, IOS, Android etc.

Re: Ready-to-go IPSec+L2TP config?

Posted: Sun May 11, 2014 5:52 am
by Nollitik
[/quote] The video and audio is recorded by Mikrotik on the MUMs .[/quote]

That's sad...a Mikrotik event and they didn't take the audio directly off the sound board or PA mixer. Maybe someone might read this feedback and begin to do so for future event.

Yes, your presentation was about Mikrotik; however, you freely volunteered a Windows client setup so that's the reason for my recommendation which I believe a reasonable request. I also wondered why, as a disclaimer, you didn't state during the very same presentation "you have to figure out yourself how to configure the client." You might already have a Windows device; however, you could use friends devices in your demo...you don't actual need you own the devices.

Re: Ready-to-go IPSec+L2TP config?

Posted: Thu May 15, 2014 11:36 pm
by alexburke
I had upgraded to Mavericks 10.9.2 and discovered (client side) that the VPN issue was NOT fixed if one didn't apply the patch in 10.9.1 (see here: https://discussions.apple.com/thread/5951305?tstart=0).
Give this a go and let us know if your VPN woes are solved:

http://support.apple.com/kb/HT6228