Community discussions

 
rheo
just joined
Topic Author
Posts: 19
Joined: Tue Aug 14, 2012 8:19 am

VPN provider recommendations

Thu Apr 20, 2017 3:20 am

VPN providers are becoming more popular, and due to my countries recent data retention policies I'm considering one. I plan to have it setup on the Mikrotik to encrypt the whole subnet (a seperate VLAN in my case, really only 2-3 devices) I don't really wan't to use PPTP.

Can anyone recommend one? Who has experiencing using one with a Mikrotik device? I'm leaning towards NordVPN but not sure if it will work..

Thanks
 
Musicso
just joined
Posts: 1
Joined: Thu Apr 20, 2017 1:42 pm

Re: VPN provider recommendations

Thu Apr 20, 2017 1:53 pm

I'm using NordVPN for month so far and satisfied with everything. Personally i use direct on devices because it support up to 6, but they work with Mikrotik and even have tutorial https://nordvpn.com/tutorials/mikrotik/pptp/.
Worst case they have 30 days money back guarantee so feel free to try. For better price try use some coupons like this i so on whirpool forum https://nordvpn.com/en/checkout/?2year&coupon=PRIVACY2
 
maxleonca
just joined
Posts: 3
Joined: Sat Jul 11, 2015 1:27 am

Re: VPN provider recommendations

Mon Apr 24, 2017 6:56 am

@Musicso Did you have to disable, add or remove any specific rule filters to make it work?
I got Purevpn and Unlimited vpn which have almost identical configuration but I'm unable to use the service from the Mikrotik or anything behind it.
I have RouterOS 6.38.5 and a RB2011UiAS-2HnD, any feedback will be very welcome.
 
davidtychy
just joined
Posts: 1
Joined: Mon Apr 24, 2017 3:50 pm

Re: VPN provider recommendations

Mon Apr 24, 2017 4:06 pm

Hello all,

Do you have any other suggestion? As you know PPTP is not safe solution. Even on NordVPN tutorial site is written "Please note that PPTP is a very old VPN protocol, and is considered unsafe. Please use it at your own risk." Is it safe to use this protocol for P2P?

Maybe do you know other provider which support OpenVPN + Mikrotik?
 
stathismes
just joined
Posts: 3
Joined: Sun May 14, 2017 3:34 pm

Re: VPN provider recommendations

Sun May 14, 2017 3:38 pm

Hello guys, I purchased a month of HideMyAss VPN. They even had an openvpn guide in their site.

However, my connection was flapping between connect/disconnect, until a support agent told me they were in the process of upgrading their servers for LZO Data Compression for the OpenVPN protocol. He told me to use PPTP. told him I will do so, however I won't continue using HMA anymore in the future (thank god i purchased one month only).

I saw a post about PureVPN working with OpenVPN and Mikrotik.

Can someone confirm this??
 
gartox
just joined
Posts: 9
Joined: Wed Apr 05, 2017 9:38 pm

Re: VPN provider recommendations

Mon May 15, 2017 8:22 pm

Hi,


actually NordVPN with RoS 6.38.5, I have this :
- PPTP : should work, maybe a bug in 6.38.5, but never tried so much because this is too old
- L2TP : is OK but too old too...
- L2TP / IPSEC, is working great, this is what I use actually. Don't ask me for performance, My xDSL connection is so bad that I can't overload the CPU ;(
- SSTP : is working OK too, worked with it a while, but there is an issue (probalby due to the protocol and not really RoS): sometime the connection drops, and the interface does not go down...stuck.
- OVPN : NOK RoS need to implement TLS authentication
- IKEv2 : NOK RoS need to implement rsa signature + extended authentication in ikev2

Hope this helps
 
stathismes
just joined
Posts: 3
Joined: Sun May 14, 2017 3:34 pm

Re: VPN provider recommendations

Mon May 15, 2017 9:41 pm

Thanks for the details.

This article https://www.bestvpn.com/blog/4147/pptp- ... -vs-ikev2/ explains a lot regarding differences between PPTP, L2TP, OpenVPN, SSTP & IKEv2 type VPNs, and after reading through many of such articles I think the best protocol security-wise is to go with OpenVPN.

I don't know why, but RoS developers don't seem to care much for commercial VPN compatibility.

One workaround I thought of, is maybe use MetaROUTER to setup an Openwrt virtual router and setup OpenVPN functionality on that instead of the Mikrotik device itself. What would be your thoughts on this?
 
User avatar
hgonzale
Member Candidate
Member Candidate
Posts: 265
Joined: Thu Nov 06, 2014 1:12 pm
Location: Fuengirola, Spain
Contact:

Re: VPN provider recommendations

Tue May 16, 2017 12:26 am

Hello my friend.
Where are you from?
I am creating a non-profit VPN server only for helping people in certain " countries", maybe like yours.
If you qualify for my VPN-server you can get an affordable bandwidth using l2tp-ipsec service

Write me in private..
 
gartox
just joined
Posts: 9
Joined: Wed Apr 05, 2017 9:38 pm

Re: VPN provider recommendations

Thu Jun 15, 2017 2:51 pm

Currently, the most up-to-date VPN are based on OVPN or IKEv2. OVPN seems to be the most secure today, but IKEv2 is quite good to but seems to not to be most adapted to VPN provider application. IKEv2 is,in my opinion, better in company environment.
The solution you suggest is probably to only one to make ovpn work on Mikrotik until dev add the last option that would permit us to connect.
Anyway, it should work, but after that it's always a problem of reliability. Doing virtual router, on a physical router is not the simpliest way.

We should pray for TLS authentication witrh OVPN natively supported on RoS ;)
 
PhoenixHawk
just joined
Posts: 16
Joined: Mon Jun 26, 2017 7:35 pm

Re: VPN provider recommendations

Wed Jul 05, 2017 11:53 pm

Hi,

actually NordVPN with RoS 6.38.5, I have this :
- L2TP / IPSEC, is working great, this is what I use actually. Don't ask me for performance, My xDSL connection is so bad that I can't overload the CPU ;(

Hope this helps
Hello Gartox,

may I ask what you did to enable L2TP/IPsec with NordVPN?

I have massive problems with the IPsec part (when I use L2TP without IPsec vpn works like a charm. As soon as IPsec is activated, connection is not stable.
Please see also this thread with my config and question: viewtopic.php?f=13&t=123220

Cheers,

Sebastian
 
gartox
just joined
Posts: 9
Joined: Wed Apr 05, 2017 9:38 pm

Re: VPN provider recommendations

Mon Jul 10, 2017 8:13 pm

I did nothing very special, just activate IPSec in the L2TP Interface config.
Here's my config to compare :

[gart@MikroTik] > /ip ipsec peer print
address=185.145.66.250/32 auth-method=pre-shared-key secret="nordvpn" generate-policy=port-strict policy-template-group=default exchange-mode=main-l2tp send-initial-contact=yes nat-traversal=yes proposal-check=obey hash-algorithm=sha1 enc-algorithm=aes-256,aes-192,aes-128,3des dh-group=modp1024 lifetime=1d dpd-interval=2m dpd-maximum-failures=5
[gart@MikroTik] > /ip ipsec policy print
src-address=X.X.X.X/32 src-port=1701 dst-address=185.145.66.250/32 dst-port=1701 protocol=udp action=encrypt level=require ipsec-protocols=esp tunnel=no proposal=default priority=0 ph2-count=0
[gart@MikroTik] > /ip ipsec proposal print
name="default" auth-algorithms=sha512,sha256,sha1,md5,null enc-algorithms=aes-256-cbc,camellia-256,aes-192-cbc,camellia-192,aes-128-cbc,camellia-128,3des,blowfish,twofish,des,null lifetime=30m pfs-group=none

Nothing more than the dynamically generated rules.

Maybe change the server at NordVPN, I was stuck at the begining during some days, I couldn't understand the issue because my config was really good... the issue was coming from the NordVPN server !!!
 
gartox
just joined
Posts: 9
Joined: Wed Apr 05, 2017 9:38 pm

Re: VPN provider recommendations

Mon Jul 10, 2017 8:17 pm

I did a little summup of L2TP/IPSec for NordVPN here :
viewtopic.php?f=2&t=120450&p=592325&hil ... pn#p592325

take a look at it.

Also take care of your firewall incoming rules maybe you missed a protocol.

best reagards
 
killerrche
just joined
Posts: 1
Joined: Sat Sep 02, 2017 2:18 am

Re: VPN provider recommendations

Sat Sep 02, 2017 2:24 am

Hello.
I have problem with the NordVPN, it cant connect. I follow all instructions on the NordVPN web and something goes wrong.
My knowledge is not big about RouterOS, If someone like to help me to configure this I will give VPN access to the router.

Thanks a lot.
 
stathismes
just joined
Posts: 3
Joined: Sun May 14, 2017 3:34 pm

Re: VPN provider recommendations

Fri Oct 05, 2018 9:44 pm

Damn! Haven't touched this topic for a while, but FINALLY someone came up with a working OpenVPN implementation! Finally, 2018, some hope for Mikrotik!

SaferVPN.com
https://support.safervpn.com/hc/en-us/a ... tik-Router
 
wispmikrotik
newbie
Posts: 45
Joined: Tue Apr 25, 2017 10:43 am

Re: VPN provider recommendations

Thu Jan 10, 2019 11:16 am

Damn! Haven't touched this topic for a while, but FINALLY someone came up with a working OpenVPN implementation! Finally, 2018, some hope for Mikrotik!

SaferVPN.com
https://support.safervpn.com/hc/en-us/a ... tik-Router
Another provider that has support with RouterOS, is a pity that version Beta v7.0.0 can be expected to have UDP support over OpenVPN ...

https://vpnptp.com/openvpn.html
https://vpnptp.com/l2tp.html

Regards.

Who is online

Users browsing this forum: arisk, Google [Bot] and 20 guests