476
edits
Changes
Template:Netoworking rutx configuration example mikrotik l2tp ipsec (view source)
Revision as of 11:18, 1 April 2020
, 11:18, 1 April 2020no edit summary
This article provides a guide on how to configure L2TP/IPsec tunnel between RUTXxx and Mikrotik routers.
This article provides a guide on how to configure L2TP/IPsec tunnel between RUTXxx and Mikrotik routers.
==Prerequisites==
==Prerequisites==
==Configuration scheme==
==Configuration scheme==
[[File:Networking_rutxxx_configuration_example_l2tp_ipsec_mikrotik_topology_v1.png|border|class=tlt-border|1100x1100px]]
[[File:Networking_rutx_configuration_example_l2tp_ipsec_mikrotik_topology_v1.png|border|class=tlt-border|1100x1100px]]
==Mikrotik configuration==
==Mikrotik configuration==
==RUT configuration==
==RUT configuration==
Access RUTXxx WebUI and go to '''Services > VPN > L2TP'''. There create a new configuration by selecting role '''Client'', writing '''New configuration name''' and pressing '''Add''' button. It should appear after a few seconds. Then press '''Edit'''.
Access RUTXxx WebUI and go to '''Services > VPN > L2TP'''. There create a new configuration by selecting role '''Client''', writing '''New configuration name''' and pressing '''Add''' button. It should appear after a few seconds. Then press '''Edit'''.
[[File:Networking_rutx_configuration_example_l2tp_ipsec_mikrotik_3_v1.png|border|class=tlt-border|1100x1100px]]
[[File:Networking_rutx_configuration_example_l2tp_ipsec_mikrotik_3_v1.png|border|class=tlt-border|1100x1100px]]
# Write '''Username''' (write the username which you created with this command /ppp secret add name="username" password="password" service=l2tp profile=ipsec_vpn remote-address=192.168.102.2).
# Write '''Username''' (write the username which you created with this command /ppp secret add name="username" password="password" service=l2tp profile=ipsec_vpn remote-address=192.168.102.2).
# Write '''Password''' (write the password which you created with this command /ppp secret add name="username" password="password" service=l2tp profile=ipsec_vpn remote-address=192.168.102.2).
# Write '''Password''' (write the password which you created with this command /ppp secret add name="username" password="password" service=l2tp profile=ipsec_vpn remote-address=192.168.102.2).
# Press '''Save'''.
# Press '''Save & Apply'''.
Now go to '''Services > VPN > IPsec'''.
Now go to '''Services > VPN > IPsec'''.
# '''Enable''' instance.
# '''Enable''' instance.
# Write '''Remote endpoint''' (MikroTik public IP address).
# Sellect '''Authentication method''' (Pre-shared key)
# Write '''Pre-shared key''' (write the password which you created with this command /ip ipsec identity add generate-policy=port-override auth-method=pre-shared-key secret="password" peer=l2tpserver).
# Select '''Type''' (Transport).
# Select '''Type''' (Transport).
# Write '''Remote VPN endpoint''' (MikroTik public IP address).
# Select '''Encryption algorithm, Authentication''' and '''DH group''' (sellect options that you set with command /ip ipsec proposal set default auth-algorithms=sha1 enc-algorithms=3des pfs-group=modp1024).
# Set all of the settings in '''Phase 2''' to be exactly the same as in the '''Phase 1'''.
# Set all of the settings in '''Phase 2''' to be exactly the same as in the '''Phase 1'''.
# Press '''Save'''.
# Press '''Save & Apply'''.
==Testing configuration==
==Testing configuration==
