Please i have 2 routerboad 450 i need to make VPN site to site between each other
Please help
Re: VPN Site to site
IPSec is a good place to start
http://wiki.mikrotik.com/wiki/Manual:IP/IPsec
That's a lengthy read, but IPSec is probably the best bet.
Some ISPs that issue modems with a router built in may disallow IPSec.
http://wiki.mikrotik.com/wiki/Manual:IP/IPsec
That's a lengthy read, but IPSec is probably the best bet.
Some ISPs that issue modems with a router built in may disallow IPSec.
Re: VPN Site to site
you can use pptp os l2tp with IPSEC
Set IP on the VPN sever router E.g local=192.168.1.1 remote=192.168.1.2
it will work
PPTPconnction without IPSEC too will work just that less secured
Set IP on the VPN sever router E.g local=192.168.1.1 remote=192.168.1.2
it will work
PPTPconnction without IPSEC too will work just that less secured
Re: VPN Site to site
Hi,
you can check the following documents:
http://wiki.mikrotik.com/wiki/Manual:Interface/L2TP
http://wiki.mikrotik.com/wiki/Manual:BC ... _bridging)
good luck...
you can check the following documents:
http://wiki.mikrotik.com/wiki/Manual:Interface/L2TP
http://wiki.mikrotik.com/wiki/Manual:BC ... _bridging)
good luck...
Re: VPN Site to site
Stick with plain IPSec in tunnel mode for site-to-site, supposed to be better performing. I use pre-shared keys instead of certificates because it's quicker to setup.
Re: VPN Site to site
+1 - plain old IPsec in tunnel mode is the best for S2S- flexible, secure and performing. The only "disadvantage" is it requires some learning. And pre-shared key auth method should be just fine for S2S.
Re: VPN Site to site
I second the IPsec recommendations.
But: which bandwidth do you expect to be encrypted? If it's just some few MBit < 5, the 450 will for sure be able to handle this. If you're talking about more, better consider either different hardware (850, 1100, CCR series) or a non-IPsec approach.
-Chris
But: which bandwidth do you expect to be encrypted? If it's just some few MBit < 5, the 450 will for sure be able to handle this. If you're talking about more, better consider either different hardware (850, 1100, CCR series) or a non-IPsec approach.
-Chris
Re: VPN Site to site
I'd argue the non-IPsec approach is worth considering, unless you don't care about encryption at all.consider either different hardware (850, 1100, CCR series) or a non-IPsec approach.