This article details a road warrior configuration using a Mikrotik router. It is based on connecting a Windows 10 PC to a hAP ac. The configuration enables a L2TP based VPN that uses IPSEC. This allows not only secure access to resources on your internal network from the Internet but can be used to secure your access when using public WiFi hotspots.
- Login onto the Mikroktik router and ensure the default admin user has had the password changed. Create a new user for yourself and assign full rights to that user. Go to the cloud settings and enable the cloud DDNS settings. This will enable you to access your Mikrotik from any location using Winbox and the cloud name. Ensure that you add a rule to allow access to port 8291.
- Create a bridge named vpnbridge.
- Enable the L2TP server in the PPP menu section. Assign an IPSPEC secret which you will use in the client setup.
- Create an IP address pool and ensure that it is not an overlapping range with the default pool created for the WiFi and Ethernet connections.
- Assign an IP Address on the router for the VPN IP addresses.
- Create a PPP profile named vpnprofile.
- Create the usernames and password for the VPN under the PPP Secrets menu.
- Create firewall rules for udp ports 500, 1701, 4500 and IPSEC.
- Created a VPN connection under Windows 10.
- The server name is the same of the cloud server name assigned in the DDNS settings in the first step above.
- You can now connect to the VPN on the road by clicking on the network icon in the taskbar.
Drop me a comment below if you have any questions about the setup.