Teltonika Networks Wiki

Changes

L2 LAN bridging over internet using L2TPv2+EoIP (view source)

Revision as of 14:57, 2 August 2023

4,232 bytes added ,  14:57, 2 August 2023
no edit summary
Line 7: Line 7:  
==Topology==
 
==Topology==
   −
Placeholder
+
[[File:Networking rutxxx configuration examples l2tp+ eoip rut configuration topology v2.png|border|class=tlt-border|1100px]]
    
==Prerequisites==
 
==Prerequisites==
Line 108: Line 108:  
Once again we will need to open the WebUI of the Teltonika device and navigate to the '''Network → Interfaces → General''' Edit your '''LAN''' interface and change '''Protocol''' to '''DHCP'''.
 
Once again we will need to open the WebUI of the Teltonika device and navigate to the '''Network → Interfaces → General''' Edit your '''LAN''' interface and change '''Protocol''' to '''DHCP'''.
   −
[[File:Networking rutxxx configuration examples LAN config v1.png|border|class=tlt-border|1100px]]
+
[[File:Networking rutxxx configuration examples l2tp rut configuration v2.png|border|class=tlt-border|1100px]]
    
[[File:Networking rutxxx configuration examples LAN config v2.png|border|class=tlt-border|1100px]]
 
[[File:Networking rutxxx configuration examples LAN config v2.png|border|class=tlt-border|1100px]]
 +
 +
Now navigate to '''Physical Settings''' and in the Interface, section add 'zeoip0', you might require to type it manually if that doesn't show up from the drop-down menu. After that '''Save''' the configuration.
 +
 +
[[File:Networking rutxxx configuration examples LAN config v3.png|border|class=tlt-border|1100px]]
 +
 +
==Configuration of the MikroTik Device==
 +
 +
===L2TP configuration===
 +
 +
Now we will configure the L2TP Server on the MikroTik device. Open your device's WebUI and navigate to '''PPP → Interface → L2TP Server'''.
 +
 +
[[File:Networking rutxxx configuration examples L2TP Mikro v2.png|border|class=tlt-border]]
 +
 +
# Enable the L2TP Server
 +
# Select profile '''default-encryption'''
 +
# Save the configuration
 +
 +
Now we will configure L2TP client's username and password, addressing & profile information at '''PPP → Secrets''':
 +
 +
[[File:Networking rutxxx configuration examples L2TP Client Mikro v3.png|border|class=tlt-border]]
 +
 +
# Enable the client
 +
# Create a name for the L2TP client
 +
# Create a password for the L2TP client
 +
# Create a Local Address for the L2TP Server (for this example we use 10.0.0.1)
 +
# Create a Remote Address for the L2TP Client (for this example we use 10.0.0.2)
 +
# Save the Configuration
 +
 +
----
 +
 +
===EoIP configuration===
 +
 +
Next we will configure EoIP on the MikroTik side, for that navigate to '''Interfaces → EoIP tunnel''' Add New interface and configure accordingly:
 +
 +
[[File:Networking rutxxx configuration examples EoIP MikroTik v2.png|border|class=tlt-border]]
 +
 +
# Enable the interface
 +
# Create a name for the interface
 +
# Input local address of the L2TP (in this example 10.0.0.1)
 +
# Input remote address of the L2TP (in this example 10.0.0.2)
 +
# Create a tunnel ID (it has to mach the ID configurated on the Teltonika device)
 +
# Save the configuration
 +
 +
----
 +
 +
Now we will add EoIP to the Bridge, for that navigate to '''Bridge → Ports''' press the Add New button and configure the device accordingly:
 +
 +
[[File:Networking rutxxx configuration examples MikroTik bridge v1.png|border|class=tlt-border]]
 +
 +
# Enable the Bridge
 +
# Select the EoIP Interface
 +
# Save the configuration
 +
 +
----
 +
 +
===Firewall configuration===
 +
 +
Lastly we will need to configure Firewall correctly for EoIP and L2TP, firs navigate to '''IP → Firewall''' and edit rule called: '''drop all not coming through LAN''', make an exception for '''Src. Address: 10.0.0.2''' and '''Dst Address 10.0.0.1''' and Save the configuration. The configuration should look like this:
 +
 +
[[File:Networking rutxxx configuration examples MikroTik Firewall 1 v1.png|border|class=tlt-border]]
 +
 +
----
 +
 +
Now we will create a rule for '''1701 UDP''' port for L2TP tunnel, on the same page press the '''Add New''' button and configure new Firewall rule accordingly:
 +
 +
[[File:Networking rutxxx configuration examples MikroTik Firewall 2 v1.png|border|class=tlt-border]]
 +
 +
# Enable the rule
 +
# Select the '''input'''
 +
# '''Protocol:''' 17(udp)
 +
# '''Dst. Port:''' 1701(L2TP port)
 +
# Save the configuration
 +
 +
After that new Firewall rule will appear, move it to the top of the page by dragging it with the mouse cursor so it will have the highest priority.
 +
 +
==Testing the configuration==
 +
 +
If everything was configurated correctly Teltonnika and MikroTik devices will be connected via L2TP+EoIP and the Teltonika device should receive the LAN IP address of the MikroTik.
 +
To confirm this on the Teltonika router's WebUI navigate to '''Network → Interfaces → General''' on the LAN interface you should see MikroTik IP(in this example 192.168.88.x):
 +
 +
[[File:Networking rutxxx configuration examples DHCP LAN v2.png|border|class=tlt-border|1100px]]
 +
 +
Additionally, we can check if we can reach MikroTik router through L2TP IP(10.0.0.1) or a device behind the MikroTik. Once again open your device's CLI/SSH and execute the command ping 10.0.0.1 you should be able to reach the MikroTik virtual IP:
 +
 +
[[File:Networking rutxxx configuration examples virtual ip ping.png|border|class=tlt-border]]
 +
 +
==See also==
 +
 +
[[L2TP configuration examples RutOS]]
 +
 +
==External links==
 +
 +
[https://wiki.mikrotik.com/wiki/Manual:Interface/EoIP MikroTik EoIP]
 +
[[Category:VPN]]
Retrieved from "https://wiki.teltonika-networks.com/view/Special:MobileDiff/106998...109659"