Networking with Mikrotik | Part 2: Small Office Setup (VPN Setup)

Ashikur Rahman
4 min readOct 21, 2024

--

Hi Everyone, Welcome Back. In the Last Part, we set up our Router with the Given Configuration from the ISP. Now, we are going to focus on our employees who are working from home. They will require VPN support to connect with our Office Internal Server System.

Network Digram of Small Office

AS Our Most of our employees who are working from home, are Windows or Mac Users. They required an L2TP VPN Server Protocol to connect with our office network.

Let’s go With the Setup.

Let’s Open Your Mikrotik Router With Winbox.[I am Using Latest Winbox 4]

We need to Create a IP Address for Our Home User to Why can Pass the Network In.

Go to IP >> Pools >> Add New >> Choose your IP Block. For me, I have selected 192.168.100.0/24 — and Give it a Name VPN >> Apple — Done

Pool Profile

Now Let’s Go to PPP >> Profile [We need to create a profile that will assign to VPN Users]

VPN Profile

Over here I have done this configuration

Name: vpn-profile

Local Address: 192.168.10.1 [My Router Default address. you can use yours]

Remote Address: vpn [IP Pool that we created before]

Bridge: vpn-bridge [I created that before so I can separate vpn users to see in under an interface]

DNS Servers: 1.1.1.1, 1.0.0.1 [I used cloudflare DNS. You can use your own or any other public DNS provider]

Apply >> Done. Now we are Ready to Setup Our L2TP Server

GO to >> PPP >> L2TP Server >> do the given configuration and apply >> done

L2TP Server Setup

Enabled the L2TP

Keepalive: 3000

Default Profile: vpn-profile [that we create before]

Authentication : Enable all | if your are using radius to auth that then use chap, pap

Use Ipsec: Yes

IpSec Password: setup as you want

caller id type: IP address

active one session per host: this will allow the user to use one device per connection. means he can’t use 2 devices same time.

Now Go to PPP>> Secret>> Create a user >> Apple >> Done

Secret Profile Making

I have given my name medium, and password as I want. Service L2TP Profile vpn-profile. Apply OK.

Now Let’s Test it. I am on Mac I will give the Mac guide.

Open Settings >> Network >> VPN >> Add VPN Configuration >> fill the information.

VPN Config

Select L2TP Over IpSec

File the Information

Give a Display Name

Configuration: Default

Server Address: Your server Real Ip

Account Name: medium || User Name you create

Password: your user password

Machine Auth: Shared password

Shared Password: This is the password you have used on l2tp server setup. IP Sec Password.

Click Ok

Let’s Connect The VPN

vpn connected
vpn connected

Looks Like Our VPN is Connected and It’s getting the Ip from our IP Pools

Let’s check our mikrotik PPP >> Interface to make sure all ok.

L2TP Connected

Great News. Your Home User is now connected to your network by L2TP VPN.

Internet Use Graph

Looks like It’s using the Internet.

Now you have learned how to use setup L2TP Vpn Server using Mikrotik.

--

--

Ashikur Rahman
Ashikur Rahman

Written by Ashikur Rahman

0 Followers

Hi. I am Ashikur Rahman. Networking and System Engineer and Certified Mikrotik, GCP and AWS Devops.

No responses yet