Joined: Sat Oct 06, 2018 9:00 pm

Possible Setup? Point-to-Point WiFi Bridge - NetBox 5 - VPN Encrypted

Thu Dec 03, 2020 10:02 pm

Can I get help understanding if an automatic VPN link can be established in RouterOS between two point-to-point NetBox 5's that are simply bridging a couple of computers over to an existing LAN please?

I have basic experience with RouterOS and have set up some basic features such as being able to VPN into my own router from the outside world, port forwarding, and a little bit of QOS prioritization for VOIP traffic. I am VERY far from an expert, but with a bit of help I can learn.

Building 1 has a LAN network connection that reaches the outside world and a bunch of computers that connect to it already.
Building 2 has 2 computers that need to be bridged over to Building 1's LAN, just over a mile away.

A radio link between those two buildings should be pretty easy with line-of-sight and will be established with minimal power to get a reliable link. I would use 2 NetBox 5's to achieve this (yes, there would likely be cheaper solutions, but the 5 degree beamwidth of the mANT30 PA is desirable as part of this setup and the added one-time costs are negligible in this situation long-term.) I've looked at the cheaper radios and the wider FOV is not desirable in this situation.

So, given 2 NetBox 5's bridging the LAN from Building 1 over to Building 2, is it possible for the 2 radios to be running that bridge across an automatically established VPN link across the wifi connection? When Radio 1 connects to Radio 2, I'd like them to auto-connect a VPN link between the two of them, and then route all bridged traffic between the two locations, with the VPN being added security on top of the WPA2 / NV2 schemes as well?

Ultimately, if radio(s) is/are rebooted, the radio link should come back up when both radio(s) are powered again and the VPN link should automatically be established, and only THEN should traffic between the two buildings resume.
Joined: Mon Apr 08, 2019 1:16 am

Re: Possible Setup? Point-to-Point WiFi Bridge - NetBox 5 - VPN Encrypted

Thu Dec 03, 2020 11:12 pm

Can be done with "AP-bridge" + "station-bridge" for the wifi modes without or with VPN.

As you require VPN as extra security, any VPN that creates an extra interface will do the trick. That VPN client-server will start automatically. Connect the client bridges to those interfaces, instead of those WLAN interfaces. You don't even need the "station-bridge" L2 connection. Any, even multi hop, IP connection will do as VPN transport.
If you are sure you need L2 (and not just L3 IP routed connection) then an L2 VPN tunnel is needed (EoIP or MPLS/VPLS). Otherwise an L3 tunnel and routing would be OK. ... using_MPLS
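
A sketch of the layout described in the reply above, added here as an illustration and not posted by either participant: an EoIP tunnel with IPsec carried over the radio link, with the LAN bridge attached to the tunnel interface instead of the WLAN interface. Interface names, the 10.255.255.0/30 transport subnet, the SSID, the tunnel ID and both secrets are assumed placeholders.

```routeros
# ---- Building 1 radio (AP side); all values below are constructed placeholders ----
/interface wireless security-profiles
add name=ptp-sec mode=dynamic-keys authentication-types=wpa2-psk wpa2-pre-shared-key="<WPA2-PSK-PLACEHOLDER>"
/interface wireless
set wlan1 mode=ap-bridge ssid=ptp-link security-profile=ptp-sec disabled=no
# Transport address lives on wlan1 itself; wlan1 is deliberately NOT a bridge port
/ip address
add address=10.255.255.1/30 interface=wlan1
# ipsec-secret makes RouterOS create the IPsec peer and policy dynamically;
# it needs local-address set and fast path disabled on the tunnel
/interface eoip
add name=eoip-b2 local-address=10.255.255.1 remote-address=10.255.255.2 tunnel-id=10 ipsec-secret="<IPSEC-PSK-PLACEHOLDER>" allow-fast-path=no
/interface bridge
add name=bridge-lan
/interface bridge port
add bridge=bridge-lan interface=ether1
add bridge=bridge-lan interface=eoip-b2

# ---- Building 2 radio (station side); mirror image of the above ----
/interface wireless security-profiles
add name=ptp-sec mode=dynamic-keys authentication-types=wpa2-psk wpa2-pre-shared-key="<WPA2-PSK-PLACEHOLDER>"
/interface wireless
set wlan1 mode=station-bridge ssid=ptp-link security-profile=ptp-sec disabled=no
/ip address
add address=10.255.255.2/30 interface=wlan1
/interface eoip
add name=eoip-b1 local-address=10.255.255.2 remote-address=10.255.255.1 tunnel-id=10 ipsec-secret="<IPSEC-PSK-PLACEHOLDER>" allow-fast-path=no
/interface bridge
add name=bridge-lan
/interface bridge port
add bridge=bridge-lan interface=ether1
add bridge=bridge-lan interface=eoip-b1
```

Because only ether1 and the EoIP interface are bridge ports, LAN frames have no path across the radio link except through the tunnel, so bridged traffic resumes after a reboot only once the wireless link and the tunnel are both back up. Management access to each radio over the 10.255.255.0/30 transport subnet is not covered by the tunnel and should be restricted separately in the firewall.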

