How to setup Mikrotik as VPN client – L2TP

June 6, 2018
admin
Mikrotik, Networking, Router, VPN

To begin, log into your router.

Once logged in, click on the “PPP” tab on the left-side menu. You should have the “Interface” tab open. Now click on the sign and select “L2TP Client”

(Make sure you enter the correct details in the appropriate fields. Use the images as guides

)

This new window that you’ve opened is where you’ll create your L2TP VPN connection. Please edit the settings as follows:

Name: In this field, you can enter anything you like, for example “My L2TP“.
Max MTU and Max MRU: Leave these as default, so 1450
When you’re done, please click on the “Dial Out” tab (right next to the “General” tab).

In the “Dial Out” tab, enter your favorite proadco.vpn server settings, ie:

Connect To: vpn.frankfurt.proadco.eu, and enter your account username and password.

Now please go to the “IP” tab on the left-side bar and select “Firewall“. Click on the “NAT” tab and then click on sign, as shown below.

You should be in the “General” settings now so please carry out the following:

In “Chain“, select “srcnat” from the drop down menu
In “Out. Interface“, select the name of the HMA PPTP connection you just created.
Click on the “Action” tab when you’re done.

In the “Action” field, select “Masquerade” from the drop down menu.
Click “OK” when you’re done.

Now that you’re back to the “Firewall” window, click on the “Mangle” tab, click on the sign:

In “Chain“, select “prerouting” from the drop down menu.
In “Src. Adress“, enter the IP range you want to have routed through the VPN connection. To route all IPs in the Mikrotik routers subnet (assuming the router is 192.168.5.1), enter “192.168.5.100-192.168.5.150“.
When you’re done, click on the “Action” tab

Now that you’re in the “Action” tab, please edit the settings as explained below:

In the “Action” field, select “mark routing“from the drop-down menu.
In the “New Routing Mark” field, enter any name for the routing mark, e.g. “PPTP“
Check “Passthrough” option.
Click “OK“, when you’re done.

Now, click on “IP” (in the left side menu). In the “Routes List” window, click on “Routes” and then click on the sign. In the new window, please edit the following settings:

Dst. Address: has to be “0.0.0.0/0“
Gateway: Enter the name of the VPN connection you created. (in this case it’s “HMA PPTP“) from the drop down menu.
Routing Mark: Select the routing mark you created before. (e.g. “PPTP“)
Click “OK” when you’re done.

Now you’ll need to adjust your DNS settings, so to do that please follow the steps below. To begin, go to “IP” in the left-side menu and then click “DNS“.

Click on “Static” and then click on the sign
In the “Name” field, enter “OpenDNS1” ; “Address“: “208.67.222.222” and click “OK”.

Then click on the sign again but this time in the “Name” field, enter: “OpenDNS2” and in the “Address” field:”208.67.220.220” and click “OK” again.

Once again, click on the sign, and now in the “Name” field, enter: “Google1” and in the “Address” field type: “8.8.8.8” and click “OK” again.

And one last time, click on the sign, and in the “Name” field, enter: “Google2” and in the “Address” field type: “8.8.4.4” and click “OK” again.

Check “Allow Remote Requests“.
Click “OK“.

Check your location

Finally, you can check your new location by navigating to http://geoip.hidemyass.com/.

How to Setup a Multi-Protocol VPN Server Using SoftEther

How to FIX One or more network protocols are missing / Windows sockets registry entries are missing

Mikrotik L2TP with IPsec VPN Remote Access