I've been reading around on the forums and struggling to get the setup I desire to work.
We have recently installed 5 Mikrotik LTE external antennas on our property. They are all working fine at the moment, but as the IT person, I would like to be able to connect to each Mikrotik antenna separately remotely. Idea being that if I am not onsite at the property, I can still help troubleshoot/resolve issues remotely.
The LTE provider is WindTre (in Italy) for the SIM card. However, the antenna and data plan were provided by a more local smaller company called WiPlanet who have their own access to the Mikrotik routers via a PPTP client connection that they created.
I have attempted a few different things:
- Remote www "specific IP" access
- IP -> Services -> www: specify specific IP addresses. I have a VM in the cloud that I thought I could give direct access. (currently still have 0.0.0.0 allowed while I test but know I'll need to remove it)
- I was gonna add firewall rules to accept but noticed that the default configuration provided by WiPlanet didn't have any rules (no rejects), so my assumption is all traffic is accepted
- But when I try to connect from my remote cloud VM, I can't figure out what external IP to use...
- VPN access via Quick Set
- I read a post that described turning on "VPN access" on Quick Set.
- In doing so, I was provided with a "VPN address", a "VPN user" and gave a password for authentication
- Then went into Webfig -> PPP -> Profiles, found an existing profile "default-encryption".
- I gave "Local address", the IP of the router. "Remote address" as "vpn". "DNS Server", I tried 8.8.8.8 and 192.168.5.1 (the local devices IP range)
- I also added some firewall rules from this post given there weren't any
- I also went through instructions in this post
- But when I try to connect from my remote cloud VM, it fails to connect to the vpn server name with the error "The remote connection was not made because the attempted VPN tunnels failed. The VPN server might be unreachable. If this connection is attempting to use an L2TP/IPsec tunnel, the security parameters required for IPsec negotiation might not be configured properly.?"
Thank you!