MikroTik

Community discussions
https://forum.mikrotik.com/

Default PPP profiles

https://forum.mikrotik.com/viewtopic.php?t=170721

Page 1 of 1

Default PPP profiles

Posted: Sat Dec 12, 2020 2:23 pm
by sleerf
I know this may seem like a very basic question but my engineer is out and this makes me nervous.

We have two default profiles in PPP = default and default encrypted.

I do understand that these are used as templates. But they have public IPs on them and I see no place to create a password.

Is this really how they should be set? Is it safe? Or should I maybe pull the IPs out?

Just scratching my head here because they're in the same list as several users and I figured it made sense to be safe rather than sorry.

Re: Default PPP profiles  [SOLVED]

Posted: Sat Dec 12, 2020 4:06 pm
by tdw
A /ppp profile sets various parameters used by PPP-like (PPP, PPPoE, PPTP, L2TP, SSTP, OVPN) clients and servers, but not passwords. Local servers use the passwords specified under /ppp secret, or RADIUS, to authenticate remote clients. See https://wiki.mikrotik.com/wiki/Manual:PPP_AAA

Local client interfaces specify a username and password as part of the interface declaration, e.g. a PPPoE WAN connection under /interface pppoe-client will contain name= and password= parameters.

Generally it is best to leave the default profiles as is, typically these would be used by local client interfaces, and create additional profiles containing additional parameters as required, e.g. a remote address pools and local address for a VPN server.

Re: Default PPP profiles

Posted: Sun Jan 10, 2021 6:15 pm
by sleerf
A /ppp profile sets various parameters used by PPP-like (PPP, PPPoE, PPTP, L2TP, SSTP, OVPN) clients and servers, but not passwords. Local servers use the passwords specified under /ppp secret, or RADIUS, to authenticate remote clients. See https://wiki.mikrotik.com/wiki/Manual:PPP_AAA

Local client interfaces specify a username and password as part of the interface declaration, e.g. a PPPoE WAN connection under /interface pppoe-client will contain name= and password= parameters.

Generally it is best to leave the default profiles as is, typically these would be used by local client interfaces, and create additional profiles containing additional parameters as required, e.g. a remote address pools and local address for a VPN server.
Thank you!
All times are UTC+02:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/