Community discussions

MikroTik App
 
jonasx
just joined
Topic Author
Posts: 11
Joined: Mon Nov 08, 2021 11:43 pm

VPN Question - Remote CLient site to site

Tue Nov 09, 2021 4:31 am

Hello,

I have a basic level of networking knowledge and need some help setting up a site to site vpn with a little twist.

I travel quite a bit for work and would like to take a second mikro tik router with me to different sites and hotel rooms to use with my nVidia shield.

I want the shield to behave like it's on my local home network and have access to my home NAS device, plus my streaming services as if it's coming from my home ISP IP address, since activating streaming services at too many addresses causes issues..

I've done some searching on the forum and on the internet but can't find any howto's that fit this specific scenario.

I've attached a basic diagram of what I'm hoping to achieve.

Can anyone point me toward a good how to that fits this or offer some advice?

Thanks!
You do not have the required permissions to view the files attached to this post.
 
jonasx
just joined
Topic Author
Posts: 11
Joined: Mon Nov 08, 2021 11:43 pm

Re: VPN Question - Remote CLient site to site

Thu Dec 02, 2021 4:40 am

Follow up on this -

3 weeks later and many many hours of experimenting, researching numerous topis and watching/reading about 10 howtos...half of which were completely wrong..I finally got a workable solution, in testing at least, using EIOP.

I don't think this will work where I have no control over the ISP router, but may need to build the EOIP tunnel on top of another VPN tunnel.

Going to continue to experiment and may post a definitive howto once I get a workable solution for multiple scenarios.
 
AHMADKABADAKI
just joined
Posts: 9
Joined: Tue Feb 04, 2020 2:22 pm
Location: Lebanon, Tripoli

Re: VPN Question - Remote CLient site to site

Thu Dec 09, 2021 10:32 am

Hello,

You can use l2tp/ipsec VPN (require on public ip) or ipsec VPN (required 2 public ip in the two nods).

I will explain how to configure l2tp/ipsec

A- L2tp/ipsec server configuration:

/ip pool
add name=VPN-Pool range=172.16.1.10-172.16.1.50

/ip firewall nat
add chain=srcnat src-address=172.16.1.0/24 action=masquerade

/ppp profile
add name=VPN-PROFILE local-address=172.16.1.1 remote-address=VPN-Pool

/ppp secret
add name=user password=12345678 service=l2tp profile=VPN-PROFILE

/interface l2tp-server server
set enable=yes use-ipsec=yes ipsec-secret=test123456

B- l2tp/ipsec Client Configuration:

/interface l2tp-client
add name=l2tp-client connect-to=1.1.1.1 user=user password=12345678 use-ipsec
=yes ipsec=test123456

!! Sure you can configure your l2tp/ipsec VPN with your local subnet without using different subnet !!

Who is online

Users browsing this forum: mtkvvv and 42 guests