There is any way to configure L2TP/IPSEC VPN from remote clients that are not static routers?, not a site to site VPN, just a remote client that has diferents ips depending on the location. I have it working fine for PPTP or L2TP with no IPSEC.

There a lot of examples in the IPSEC manual and docs, but all of them are about MKT to MKT, or Cisco to MKT, no remote hosts (with no fix ip) to MKT.

Thanks a lot.

Typically you will have ot have ONE location with a fixed IP, something I can help with is by providing a central VPN server to your remote non-static clients. This is something I have done in the past, and depending on the speeds you are wishing, its not too hard to do.

le tme know if that might intrest you.

Need MikroTik Support? Contact
Dennis Burgess
St. Louis Network Engineering Services
http://www.mikrotikconsulting.com
dmburgess@mikrotikconsulting.com
Certified Mikrotik Engineer
Visit the website to purchase hours on-line.

You can use a service like dyndns.org

In most of my cases, I don't, I have a single MT that is at a datacenter just for your network, it will always have a public IP, so, all of your remotes will just connect to it.

YOU COULD, have a PC behind the MT, doing dynmaic DNS, but MT don't support it. YOu will also have to have a script that runs that rechecks the DNS and populates it in your connection going out. As MT don't use a DNS name to connect, it will convert it then go from there.

RouterOS does support ddns. You can script the :resolve function and have it replace IP addresses in the tunnels if you wish.

Right you can resolve it, I understand that, thats in the scripting, but what he may be intrested in is having hte router once on the net to send the Dynamic IP to a Dynamic DNS provider.

it can.

http://wiki.mikrotik.com/wiki/Dynamic_D ... angeIP.com

Sam

gmsmstr- Everything you say revolves around you making a buck. It's not welcome here. Almost every one of us on the forum have a business and it's a give/take relationship. It irks me that you are trying to sell unnecessary services all in the name of being MT certified. We all have to make money, but this is a Community forum in where we can all help each other. I don't come here expecting to pay someone for a solution. If I want to pay for a solution I'm going to pay someone that knows a heck of a lot more than you and someone who is honest. The only people that should be trying to sell something here are those hard working guys over in Latvia.

I'm done my rant.

MT does support dyndns and I'm sure that will work without a problem in the application.