Community discussions

 
deanstem
just joined
Topic Author
Posts: 1
Joined: Fri Jan 04, 2019 4:00 pm

PPTP Client - Bridge to Interface Ether

Fri Jan 04, 2019 5:03 pm

Hello,

I'm relatively new to implementing/using Microtiks and still in an early learning period.

In short, we have multiple sites which each have a PPTP server configured (Contract Work) - I would like to use interface ether 7 as a "VPN Port" in which i could change the login details too whomever's network i require access to, preferably not have to change any other settings. My questions are:

1. Is this possible to setup?
2. How would i bridge the PPOE client to ether 7 only? The interface doesn't need access to bridge1 network.

Current Config is very basic:
Combo 1: WAN IN
Ether 1-6: Bridge1 with DHCP Server

Ive since added a PPTP Client and connected fine:

Code: Select all

;;; VPN
status: connected
uptime: 28m4s
encoding: MPPE128 stateless
mtu: 1400
mru: 1450
local-address: 10.0.0.19
remote-address: 10.0.0.25
Ive spent a great deal of time on this and cannot find much online regarding this config so help is greatly appreciated! :)

If you need any other details, let me know.

Thanks

Router Export:

Code: Select all

add comment="LAN Bridge Ports 1-6" name=bridge1
add arp=proxy-arp comment="LAN2 Bridge Port 7 (VPN)" fast-forward=no name=bridge2
/interface ethernet
set [ find default-name=combo1 ] auto-negotiation=no comment=WAN
set [ find default-name=ether1 ] comment=LAN
set [ find default-name=ether7 ] comment=LAN2
/interface pppoe-client
add add-default-route=yes disabled=no interface=combo1 name=WAN-out password=BLANK use-peer-dns=yes user=\
BLANK
/interface pptp-client
add comment=VPN connect-to=1.1.1.111 disabled=no name=" VPN " password=password user=admin
/interface list
add name=WAN
add name=LAN
add name=VPN
add name=LAN2
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=10.0.100.10-10.0.100.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge1 name=dhcp1
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=ether6
add bridge=bridge2 interface=ether7
add bridge=bridge1 disabled=yes interface=combo1
add bridge=bridge1 interface=ether1
/interface detect-internet
set detect-interface-list=LAN
/interface list member
add list=WAN
add interface=bridge1 list=LAN
add interface=combo1 list=WAN
add interface=WAN-out list=WAN
add interface=bridge2 list=LAN2
add interface="VPN " list=VPN
/ip address
add address=10.0.100.1/24 interface=ether1 network=10.0.100.0
/ip dhcp-client
add dhcp-options=hostname,clientid interface=combo1
/ip dhcp-server network
add address=10.0.100.0/24 gateway=10.0.100.1 netmask=24
/ip dns
set allow-remote-requests=yes servers=1.1.1.1
add action=drop chain=input in-interface=ether1
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
add action=dst-nat chain=dstnat dst-port=3389 protocol=tcp src-address= to-addresses=10.0.100.20 to-ports=3389
/ip firewall service-port
set sip disabled=yes
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
/system clock
set time-zone-name=Europe/London
/system routerboard settings
set silent-boot=no
/system script
add dont-require-permissions=no name=script1 owner= policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\
"/ip firewall nat add chain=dstnat dst-address= action=dst-nat to-addresses=10.0.100.200 "

Who is online

Users browsing this forum: No registered users and 25 guests