Problems with VPN and L2TP

Posted: Fri Nov 03, 2017 7:32 pm
by asle
I have read everything I could find and watched several videos but cannot get VPN to work. I wonder if anyone can give any comments on my setup.
My MikroTik LAN IP: 82.148.164.247
My LAN DHCP Range: 10.0.0.10-10.0.0.60

/ip pool print
 # NAME       RANGES                         
 0 dhcp       10.0.0.5-10.0.0.60             
 1 VPN        10.0.0.70-10.0.0.80

/ppp profile 
Flags: * - default 
 0 * name="default" use-mpls=default use-compression=default use-encryption=default only-one=default
     change-tcp-mss=yes use-upnp=default address-list="" on-up="" on-down="" 

 1   name="profile1" use-mpls=default use-compression=default use-encryption=default only-one=defaul
     change-tcp-mss=default use-upnp=default address-list="" dns-server=10.0.0.1,8.8.8.8 wins-server
     on-up="" on-down="" 

 2   name="lintho" local-address=10.0.0.3 remote-address=dhcp use-mpls=default use-compression=defau
     use-encryption=default only-one=default change-tcp-mss=default use-upnp=default address-list=, 
     dns-server=10.0.0.1,8.8.8.8 wins-server=10.0.0.1 on-up="" on-down="" 

 3   name="L2TP" local-address=10.0.0.2 remote-address=VPN bridge=bridge-local session-timeout=2h30m
     idle-timeout=15m use-mpls=default use-compression=default use-encryption=default only-one=defau
     change-tcp-mss=yes use-upnp=no address-list="" dns-server=10.0.0.1 on-up="" on-down="" 

 4 * name="default-encryption" local-address=192.168.89.1 remote-address=*3 use-mpls=default use-com
     use-encryption=yes only-one=default change-tcp-mss=yes use-upnp=default address-list="" on-up="

/ppp secret print detail 
Flags: X - disabled 
 0   name="username" service=l2tp caller-id="" password="password" profile=L2TP routes="" limit-bytes-in=0 limit-bytes-out=0 
    
/interface pptp-server server print
            enabled: yes
            max-mtu: 1460
            max-mru: 1460
               mrru: disabled
     authentication: pap,chap,mschap1,mschap2
  keepalive-timeout: 30
    default-profile: default-encryption


/ip firewall filter print detail
Flags: X - disabled, I - invalid, D - dynamic 
 0    chain=input action=accept connection-state=new protocol=udp dst-address=82.148.164.247 in-interface=ether1 
      dst-port=500,1701,4500 log=no log-prefix="" 

 1    chain=input action=accept connection-state=new protocol=ipsec-esp dst-address=82.148.164.247 in-interface=ether1 log=no 
      log-prefix="" 

/interface ethernet print
Flags: X - disabled, R - running, S - slave 
 #    NAME                        MTU MAC-ADDRESS       ARP        MASTER-PORT                     SWITCH                    
 0 R  ether1                     1500 00:0C:42:C7:8F:E0 enabled    none                            switch1                   
 1 RS ether2                     1500 00:0C:42:C7:8F:E1 enabled    none                            switch1                   
 2 RS ether3                     1500 00:0C:42:C7:8F:E2 enabled    none                            switch1                   
 3  S ether4                     1500 00:0C:42:C7:8F:E3 enabled    none                            switch1                   
 4  S ether5                     1500 00:0C:42:C7:8F:E4 enabled    none                            switch1         

/ip firewall nat print detail
Flags: X - disabled, I - invalid, D - dynamic 
 0    ;;; NAT
      chain=srcnat action=masquerade src-address=10.0.0.0/24 out-interface=pppoe-out log=no log-prefix="" 

 1    chain=srcnat action=masquerade log=no log-prefix="" 

 2    ;;; masq. vpn traffic
      chain=srcnat action=masquerade src-address=192.168.89.0/24 log=no log-prefix="" 

Re: Problems with VPN and L2TP

Posted: Fri Nov 10, 2017 7:25 pm
by asle
I found a post suggesting that I remove the L2TP Server secret and keep the users' secrets. This solved my case and I am able to connect even with Mac OS X 10.13.