Community discussions

MikroTik App
 
usmanov
just joined
Topic Author
Posts: 4
Joined: Fri Sep 30, 2011 6:50 am

Does Mikrotik support L2TP over IPSEC VPN (site to site) with certificate authentication?

Wed Aug 10, 2016 11:02 am

Does Mikrotik support L2TP over IPSEC VPN (site to site) with certificate authentication between two Routerboards
 
andriys
Forum Guru
Forum Guru
Posts: 1396
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: Does Mikrotik support L2TP over IPSEC VPN (site to site) with certificate authentication?

Wed Aug 10, 2016 11:41 am

The answer really depends of what your exact requirements are. Are you going to use Mikrotik devices on both sides of your site-to-site tunnel?

IPsec implementation in RouterOS supports RSA authentication (i.e. with certificates), so L2TP over IPsec supports it also. However it may not be compatible with other vendors' implementations. For instance, when you configure L2TP/IPsec with certificates in Microsoft Windows, Windows assumes that IKEv2 should be used, which is not currently supported in RouterOS.
 
usmanov
just joined
Topic Author
Posts: 4
Joined: Fri Sep 30, 2011 6:50 am

Re: Does Mikrotik support L2TP over IPSEC VPN (site to site) with certificate authentication?

Wed Aug 10, 2016 11:51 am

Thanks for responding. Yes, on both sides we are plannig to use RouterBoards: RB-850gx2 and RB-750.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7487
Joined: Mon Jun 08, 2015 12:09 pm

Re: Does Mikrotik support L2TP over IPSEC VPN (site to site) with certificate authentication?

Wed Aug 10, 2016 11:58 am

Also, you will have to setup the L2TP without IPsec, and separately setup IPsec between the sites for the L2TP protocol.
The L2TP setup has a convenient automatic IPsec configuration option, but it allows only the use of pre-shared keys.
So, do not select "use IPsec".

Who is online

Users browsing this forum: Bing [Bot], Google Feedfetcher, loloski, robkampen, webor and 113 guests