Configuring PPTP VPN on Mikrotik
Virtual Private Network (VPN)
VPN is a computer network in which the connections between the devices (nodes) utilizing the public network so that all you need is an internet connection at each site.
When implementing a VPN, an interconnection of the nodes will have a special virtual path over public networks that are independent. This method is usually used to create communication that is secure, such as online ticketing system with a centralized database server.
Point to Point Tunnel Protocol (PPTP)
One service that is used to establish a VPN network is the Point to Point Tunnel Protocol (PPTP). A PPTP connection is composed of the Server and Client.
RouterOS can function as both a server and client or even enabled the two together in one machine the same. This feature is included in the package PPP, so you need to check in navigation system package if the package is already on the router or not. PPTP Client functions already exist in almost all of the OS, so that we can use a laptop / PC as PPTP Client.
PPTP is typically used for the network that already passed multihop router (Routed Network). If you want to use in your router make sure PPTP is no rule that does the blocking of TCP 1723 and IP protocol 47 / GRE for PPTP service using the protocol.
Topology
In this article will be exemplified when we will connect the network by implementing a VPN with PPTP. For its topology can be seen in the image below.
Office Router A and Router Office B connect to the internet via ether 1 and PC in each local network are connected to the Ether 2. Remote clients are also already connected to the internet.
We are going to configure that router A and A LAN network can be accessed from a LAN Router B and B as well as the Remote Client. Step-by-step setting PPTP with Winbox as follows:
Configuring PPTP Server
Based topology above, which became the center of PPTP link (concentrator) is Router Office A, then we must make a PPTP server settings on the router.
Enable PPTP Server
The first step that must be done is to enable PPTP server. Entry on the menu PPP-> Interface-> PPTP Server . Use profile "Default-encryption" in order to track an encrypted VPN.
Secret
At this stage, we can determine the username and password for the authentication client that will connect to the PPTP server. The use of uppercase and lowercase letters will have no effect.
- Local Address is the IP address that will be installed on the router itself (Router A / PPTP Server) after the PPTP link is formed
- Remote Address is the IP address to be provided to the client after the PPTP link is formed.
Example configurations as follows. Navigate to use the profile "Default Encryption"
Up here, the configuration of Router A (PPTP Server) is now complete, now we are doing the configuration on the client side.
Client Router Office B
steps to configure the PPTP client in Mikrotik Router are as follows:
Add a new interface PPTP Client, do the dial to the Public IP Router (PPTP server) and enter the username and password as secret PPTP Server setting.
Note: IP 10.10.10.100 is permission public IP of the server, to adjust to the actual implementation of public IP that you have.
After a PPTP connection is established, a new IP address will appear in both the Router with flag D attached in accordance with interface PPTP Secret PPTP server settings
Static Route
To this inter-router VPN connection has been established, but between the local network cannot communicate with each other, In order between the local network can communicate with each other, we need to add a static routing configuration
- Dst-address: local network Router opponent
- Gateway: IP PPTP Tunnel on both routers.
The addition of static routes on Router A
The addition of static route on the router B
Mobile Client
Client PPTP do not have to use the Router. As in the above network topology, there is a Remote Client (Laptop) that will connect to the VPN Router A.
Then we need to create a new Secret PPTP remote authentication server to the client.
Secret
username = Client2 ; password = 1234 ; Local Address = 10.20.20.1 ; Remote Address = 10.20.20.7
Then we need to configure PPTP Client on Laptop. Steps will be different in each OS. The following configuration tutorial PPTP Client for OS Windows 7.
Configuring PPTP Client Windows 7
Make sure the laptop you are able to access the internet. Entry on the menu Network and Sharing Center, and then create a new connection by selecting Set up a new connection or network.
On display next window, select Connect to a workplace and then click Next.
Next, Use My Internet Connection (VPN)
In the next step, we are prompted to enter the IP address to which we will make a connection. In accordance topology, then we enter the public IP address Router A. Destination name is a parameter to provide the name of the VPN interface that is being created.
Next enter the username and password as setting Secret in PPTP server. Then click Connect.
There will be a process of authentication, wait for it to finish.
If completed, the laptop will appear in the new interface with the name VPN installed Office A and IP address of IP-pool taking Remote Address according to the profile settings and Secret PPTP Server.
Up here the VPN connection from the laptop to the router A has been formed. Laptops are able to access the Router and LAN Network A.
To conduct a live remote to your Router IP addresses Router insert installed after the VPN link is established, ie the IP address 10.20.20.1.
Tips:
VPN lane will be stable and easier to configure when the server has dedicated internet lines and have a static public IP.
Transfer files between the site will follow the smallest bandwidth of both sites, so make sure the upload and download bandwidth on both sides of the site sufficient
For client devices that use Windows 7, by default only be connected if the server side to enable encryption
Source : Adyatma Yoga K (Mikrotik.co.id)
