Community discussions

MikroTik App
 
xunil76
newbie
Topic Author
Posts: 46
Joined: Fri May 20, 2011 12:48 am

secure personal hotspot while travelling

Mon Oct 03, 2011 5:47 am

I want to use a mikrotik router while i'm travelling, but want an encrypted connection that routes all my traffic back to my home connection (also on a mikrotik) so i can isolate myself from anyone else on the network at the locations i will be staying, as well as being able to access my local LAN resources as if i were there sitting at home.

i already know how to set up an EOIP tunnel and can get that working just fine, but unless i'm mistaken, it is not encrypted. i know that it is possible to run this EOIP tunnel over another tunneling protocol like L2TP, but i'm having trouble figuring out exactly how to get the L2TP connection set up to use with EOIP.

i know i need to set up a server on my home mikrotik, and a client on my mobile mikrotik, but have never dealt with L2TP before at all, much less on a mikrotik. does anyone have some steps for me to follow to do this, and is there anything else i need to do other than set up the server and the client? i'm assuming that since L2TP is encrypted, that there will be some sort of username/password authentication method needed, is that done by the same process of setting up the server/client, or is that done separately?
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: secure personal hotspot while travelling

Mon Oct 03, 2011 5:54 am

L2TP is not any more secure than EoIP. When in doubt you can always look up protocol on wikipedia:
http://en.wikipedia.org/wiki/Layer_2_Tunneling_Protocol
In computer networking, Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs). It does not provide any encryption or confidentiality by itself
Your simplest option is probably PPTP. http://wiki.mikrotik.com/wiki/Manual:Interface/PPTP

You can also use IPSec - it's more secure, but also much more complex to configure. The neat thing about PPTP in regards to simplicity is that it's effectively just another interface. The basic approach would be to configure the travel router to take all traffic coming into the interface you as a client connect to and mark it with a routing mark, and then punch traffic for that routing mark out the PPTP interface. On the server at home you'll have to configure a route back to the network behind the travel router via the travel router's static PPTP tunnel IP address.