Geekzone: technology news, blogs, forums
cyril7
  #2666013 1-Mar-2021 08:37

Yeah because the vpn is sharing the same lan subnet you will require that.

 

Cyril




Shindig

  #2666046 1-Mar-2021 10:01

Wonder if router needs a reboot after enabling proxy-arp

 

 

 

DNS resolution still not working, do I need to ensure FW allows port 53 through? Thinking remote requests?

 

 

 

 





The little things make the biggest difference.


chevrolux
  #2666049 1-Mar-2021 10:08

You just need "Allow Remote Requests" turned on, but then ensure you have a rule to block DNS requests from the WAN interface.

 

No need to reboot after enabling proxy arp - maybe just disconnect/reconnect the VPN interface at the most.




cyril7
  #2666050 1-Mar-2021 10:16

And possibly adding the VPN interface to the "Lan Interface" list will sort out any other firewall-related issues.

 

Cyril


Shindig

  #2666051 1-Mar-2021 10:17

Here is the firewall 

 

I have left it as the default only adding the L2TP ports

 





The little things make the biggest difference.


MadEngineer
  #2666382 1-Mar-2021 18:29

^ Give that accept rule a comment of "Accept L2TP-IPSec"

 

Move it down after the rule to accept ICMP so that you don't accept invalid traffic to your VPN server.

 

 

 

 

 

Make sure that you've set the bridge on the PPP profile to be your LAN, and it's on the LAN interface where you set ARP to proxy-arp.

 

 

 

This page was one of the best set up guides:

 

A Day in the Life of Just Another IT Guy » L2TP with IPSec on Mikrotik RoutersOS (archive.org)

 

It's a little different now with updated ROS version but should work fine.  It will allow a connection from both iPhones and Windows, all instructions provided.





You're not on Atlantis anymore, Duncan Idaho.
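
The settings suggested in the replies above (remote DNS requests with a WAN block, proxy-arp on the LAN, the PPP profile bridge, and the position of the L2TP accept rule), collected as RouterOS commands. This is an added example, not configuration posted by anyone in the thread; the interface lists `WAN` and `LAN`, the bridge name `bridge` and the PPP profile `default-encryption` are assumed names, and UDP 500, 1701 and 4500 plus ESP are the standard L2TP/IPsec ports rather than values taken from the thread.

```routeros
# Added example. Assumed names: interface lists WAN and LAN, bridge "bridge",
# PPP profile "default-encryption". Adjust to match your own router.

# Let the router answer DNS queries from LAN and VPN clients
/ip dns set allow-remote-requests=yes

# LAN bridge answers ARP on behalf of VPN clients that share the LAN subnet
/interface bridge set [find name=bridge] arp=proxy-arp

# VPN sessions use the LAN bridge and are treated as LAN by the firewall
/ppp profile set [find name=default-encryption] bridge=bridge interface-list=LAN

# Input chain in the intended order, written export style
/ip firewall filter
add chain=input action=accept connection-state=established,related,untracked \
    comment="accept established,related,untracked"
add chain=input action=drop connection-state=invalid comment="drop invalid"
add chain=input action=accept protocol=icmp comment="accept ICMP"
# The VPN accept rules sit after the invalid drop and the ICMP accept
add chain=input action=accept in-interface-list=WAN protocol=udp \
    dst-port=500,1701,4500 comment="Accept L2TP-IPSec"
add chain=input action=accept in-interface-list=WAN protocol=ipsec-esp \
    comment="Accept IPsec ESP"
# Explicit DNS block so the resolver is never reachable from the internet
add chain=input action=drop in-interface-list=WAN protocol=udp dst-port=53 \
    comment="block DNS from WAN (udp)"
add chain=input action=drop in-interface-list=WAN protocol=tcp dst-port=53 \
    comment="block DNS from WAN (tcp)"
add chain=input action=drop in-interface-list=!LAN \
    comment="drop all not coming from LAN"
```

The filter section shows the order the input chain should end up in; on a router that already has the default rules, move the existing entries into this order rather than adding them a second time.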

 
 
 

Shindig

  #2666662 2-Mar-2021 10:54

Cheers MadEngineer! 





The little things make the biggest difference.

