doka
newbie
Topic Author
Posts: 30
Joined: Tue Nov 13, 2012 10:54 am

HEX (RB750Gr3) VPN choice

Tue Dec 20, 2022 11:20 am

Hi colleagues,

Which VPN with the best performance characteristics would you suggest for the RB750Gr3 router? I need to connect plenty of routers, part of which are behind NAT and, thus, can only be callers. I need dynamic routing over these tunnels, so the VPN of choice must be routed, not policy-based. The choices I see are:

- GRE over IPSec
- OpenVPN
- l2tp/IPSec

Notes:
- not sure Wireguard fits there since, AFAIK, it's a policy-based mechanism (at least, that is how it's done on Linux) - remote networks need to be specified in the connection parameters, so there is no way for dynamic learning.
- SSTP is pretty slow and cannot be considered.

What about the three mentioned above, and maybe other choices? Comments on the notes?

Thank you.
 
holvoetn
Forum Guru
Posts: 5480
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: HEX (RB750Gr3) VPN choice

Tue Dec 20, 2022 11:33 am

And still I would choose Wireguard.
From a conceptual point of view, for me it's no different from setting up OpenVPN.
You still have full control via routing over what goes where.
What is different is that for a Wireguard client, you can define WHAT goes over that connection (allowed addresses). But that's after the routing decision has been made.
 
doka
newbie
Topic Author
Posts: 30
Joined: Tue Nov 13, 2012 10:54 am

Re: HEX (RB750Gr3) VPN choice

Mon Jan 02, 2023 9:20 pm

Thanks for the suggestion. Having AES h/w offload, I settled on l2tp/ipsec due to its very easy configuration - once configured on the "server side", it requires one command ( /ppp/secret/add ) to create every new connection (and even no additional configuration if RADIUS is used), while client configuration is also easy and mostly generic: update the ipsec profile/proposal, add a ppp profile and add an l2tp-client connection (the latter is the only connection-specific item).

Wireguard, while being preferred on old and/or low-end routers (where AES offload is not present, due to its use of modern lightweight ciphersuites), has no performance benefits over ipsec if AES offload is present on the router, but requires more configuration effort compared to l2tp/ipsec.

The only question I still have with l2tp is whether it's possible to authenticate the server side with certificates, so as to make the client sure it connects to the right place. The l2tp configuration has a PSK, but I have no idea whether it can check the remote certificate.

Thank you.
 
chechito
Forum Guru
Posts: 3005
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia

Re: HEX (RB750Gr3) VPN choice

Mon Jan 02, 2023 9:58 pm

Keep in mind that small routers like the 750Gr3 are designed to be small branch VPN client routers, not VPN concentrators for multiple branches.

If your VPN traffic scales up you will quickly end up limited by the CPU and/or by the HW offload engine; when that happens you will need to upgrade to an upper-tier device like the RB4011/5009, the next tier will be the CCR2004, and the ultimate performance is with the CCR2116.
 
doka
newbie
Topic Author
Posts: 30
Joined: Tue Nov 13, 2012 10:54 am

Re: HEX (RB750Gr3) VPN choice

Tue Jan 03, 2023 9:48 am

Sure, thank you. I'm using CHR as a concentrator and HEX as a branch router. I guess CHR uses AES-NI to process en-/decryption.
 
sindy
Forum Guru
Posts: 10206
Joined: Mon Dec 04, 2017 9:19 pm

Re: HEX (RB750Gr3) VPN choice

Tue Jan 03, 2023 8:57 pm

> The only question I still have with l2tp - whether it's possible to authenticate server side with certificates? So to make client sure it connects to the right place. Because configuration of l2tp has PSK, while no ideas whether it can check remote certificate.

It is possible, but you have to configure IPsec manually - the automatic creation of the IPsec configuration triggered by switching use-ipsec=yes in the L2TP configuration is hardcoded for PSK authentication.

Also, unless you want to use certificates also at the initiator (client) side, you'll likely need a RADIUS server at the responder side to facilitate authentication of the initiators by username and password, which will be separate for the IPsec and for the L2TP (you can of course use the same strings for both, but they have to be configured separately).
 
doka
newbie
Topic Author
Posts: 30
Joined: Tue Nov 13, 2012 10:54 am

Re: HEX (RB750Gr3) VPN choice

Mon Jan 09, 2023 4:41 pm

Hi,

> It is possible, but you have to configure IPsec manually - the automatic creation of the IPsec configuration
> triggered by switching use-ipsec=yes in the L2TP configuration is hardcoded for PSK authentication.

I'm trying to get this done :-) So the idea behind this: I need an L2TP server for tens of endpoints, which does mutual certificate authentication: the server presents its certificate, every client presents its certificate, all certificates are signed by a common CA, and a CRL URL is available, at least for the server, where it can check the validity of the client's certificate; if the client certificate is revoked, then no access.

I built a very basic test scheme; it seems to be working, but I kindly ask you to check whether the configuration is OK in all aspects, whether it will ensure mutual authentication, and whether it will not miss any attempts at non-authenticated access. Also one more question - I'm not a guru in PKI; AFAIK, the CRL URL is stored inside the cert and, thus, no additional configuration on the MikroTik side is required - having received the CRL URL in the certificate, it will consult that URL, right or no?

Here is the ~~~ CLIENT ~~~ ipsec configuration, it's pretty easy - an L2TP policy and its own certificate for authentication:

/ip ipsec profile
set [ find default=yes ] ...
/ip ipsec proposal
set [ find default=yes ] ...
/ip ipsec peer
add address=192.168.1.26/32 exchange-mode=ike2 local-address=192.168.1.25 name=remote
/ip ipsec identity
add auth-method=digital-signature certificate=Client_Cert peer=remote
/ip ipsec policy
add dst-address=192.168.1.26/32 dst-port=1701 peer=remote protocol=udp src-address=192.168.1.25/32 src-port=1701

Here is the ~~~ SERVER ~~~ ipsec configuration - a certificate for authentication as well:

/interface l2tp-server server set use-ipsec=no ...
/ip ipsec profile
set [ find default=yes ] ...
/ip ipsec proposal
set [ find default=yes ] ...
/ip ipsec peer
add exchange-mode=ike2 name=l2tp-in-server passive=yes
/ip ipsec identity
add auth-method=digital-signature certificate=Server comment=l2tp-in-server generate-policy=port-strict peer=l2tp-in-server
# and the default policy template
# group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default template=yes priority=0x10000

Configuration of the l2tp interfaces and IP addresses is skipped as unrelated to the question :-)

Thank you.
 
sindy
Forum Guru
Posts: 10206
Joined: Mon Dec 04, 2017 9:19 pm

Re: HEX (RB750Gr3) VPN choice

Mon Jan 09, 2023 6:16 pm

RouterOS doesn't handle CRLs automatically by default:
[me@MyTik] > certificate settings print
crl-download: no
crl-use: no
crl-store: ram

You have to set both crl-download and crl-use to yes.
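The server-side setup from the post above and the CRL settings from this reply, collected into one audit script (added here as an example; it is not from the thread or from MikroTik). It assumes the responder peer is named l2tp-in-server as in the post; each FAIL line names a setting that would leave a client unauthenticated, a revoked certificate accepted, or the server unable to present its own certificate.

```routeros
# Added audit script (not from the thread). Assumed name from the post:
# the responder IPsec peer "l2tp-in-server". Run on the L2TP/IKEv2 server.
:local peerName "l2tp-in-server"
:local fails 0

# 1. use-ipsec on the L2TP server must stay off: the auto-generated IPsec
#    config is PSK-only and would sit beside the certificate-based peer.
:if ([:tostr [/interface l2tp-server server get use-ipsec]] != "no") do={
    :put "FAIL: l2tp-server use-ipsec is not 'no' (auto-config is PSK-only)"
    :set fails ($fails + 1)
}

# 2. The responder peer must exist, be passive and use IKEv2.
:local peerId [/ip ipsec peer find name=$peerName]
:if ([:len $peerId] = 0) do={
    :put "FAIL: no IPsec peer named $peerName"
    :set fails ($fails + 1)
} else={
    :if ([/ip ipsec peer get $peerId passive] != true) do={
        :put "FAIL: peer $peerName is not passive"
        :set fails ($fails + 1)
    }
    :if ([:tostr [/ip ipsec peer get $peerId exchange-mode]] != "ike2") do={
        :put "FAIL: peer $peerName exchange-mode is not ike2"
        :set fails ($fails + 1)
    }
}

# 3. Every identity bound to that peer must use certificate authentication
#    and reference a certificate the router holds the private key for.
:foreach id in=[/ip ipsec identity find peer=$peerName] do={
    :local am [:tostr [/ip ipsec identity get $id auth-method]]
    :local cert [:tostr [/ip ipsec identity get $id certificate]]
    :if ($am != "digital-signature") do={
        :put "FAIL: identity uses auth-method $am, not digital-signature"
        :set fails ($fails + 1)
    }
    :if ([:len $cert] = 0) do={
        :put "FAIL: identity has no certificate assigned"
        :set fails ($fails + 1)
    } else={
        :if ([/certificate get [find name=$cert] private-key] != true) do={
            :put "FAIL: certificate '$cert' has no private key, cannot sign"
            :set fails ($fails + 1)
        }
    }
}

# 4. Revocation is only enforced when CRLs are both downloaded and used.
:if ([/certificate settings get crl-download] != true) do={
    :put "FAIL: certificate settings crl-download=no"
    :set fails ($fails + 1)
}
:if ([/certificate settings get crl-use] != true) do={
    :put "FAIL: certificate settings crl-use=no"
    :set fails ($fails + 1)
}
:put ("audit finished, failures: " . $fails)
```

Paste it into a terminal or run it from /system script; a zero failure count means the configuration matches the PKI-only design described in the thread, not that the CA chain itself is sound.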
 
doka
newbie
Topic Author
Posts: 30
Joined: Tue Nov 13, 2012 10:54 am

Re: HEX (RB750Gr3) VPN choice

Thu Jan 12, 2023 11:33 am

Thank you!
