Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vladimir Paziy2015-06-17 07:12:32
VPN
Vladimir Paziy, 2015-06-17 07:12:32

How to set up a VPN client on Mikrotik, for only one port and at the same time have a VPN server on Mikrotik itself?

Hello. There is a mikrotik rb-951 There is a task to configure the OS Routerboard in such a way that when inserting a cable into the laptop, the traffic going via ether3 goes through the VPN and at the same time is isolated from the local network from which the connection is made.
Those. there is a corporate network, which sometimes you have to connect to from home (from different devices via cable or Wi-Fi, but you only need to do it via cable and through one port). Now openvpn is launched on the target machine for this. In ovpn file settings:

auth-user-pass
dev tun
remote ovpn.xxx.ru 1195 udp
remote ovpn.xxx.ru 443 tcp
client
resolv-retry infinite
comp-lzo no
persist-key
persist-tun
verb 3
setenv CLIENT_CERT 0
-----BEGIN CERTIFICATE -----
certificate data here
-----END CERTIFICATE-----

I would like the entire home local network to work as usual, but if you insert the cord from the computer into ether3, then this machine would automatically get into the corp network, but Mikrotik does not know how to udp.
With all this, I want to raise an IPSEC server on Mikrotik, so that being somewhere in someone else's network with your android smartphone, you can connect to someone else's Wi-Fi, and the entire Internet goes to it through your Mikrotik. I don't understand how to organize all this.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
C
Cool Admin, 2015-06-17
@paziy

1. First, raise the VPN from Mikrotik to the corp network.
2. Then separate eth3 from your local mesh (most likely by correcting the master port property in the port settings).
3. Then, through routing and NAT, wrap the necessary traffic into the tunnel from step 1.
These settings do not conflict with the raised l2tp server covered with IPSec encryption at all. Set it up according to this detailed documentation: blog.f1mikrotik.com/2014/08/18/l2tp-ipsec-vpn

Report
G
Grustnui, 2015-06-19
@Grustnui

I would like to add that on junior Mikrotiks, the processor is not very powerful and there is no support for hardware encryption, as a result, the vpn speed will be 2-5 Mbps, depending on the encryption and model.

Report
L
levinnsk, 2020-04-02
@levinnsk

Maybe it will help someone:
Connect two Mikrotiks using the EoIP Tunnel protocol, create a separate bridge on the client Mikrotik for the tunnel and port that you need. Checked personally, the computer is completely located in the office LAN and receives IP from the office. If you wish, you can add encryption.
But this option is only if there are white IPs on both sides.

Similar questions
L
Luchnik222012-05-30 11:57:34
How to establish a computer-to-computer connection? 5Reply
W
winser2015-11-28 14:21:10
How to connect VPN on all computers in the local network? 2Reply
E
Ernest Vardanyan2020-05-19 12:01:40
How to solve the access problem? PROXY or VPN? 1Reply
M
mihass2012-07-05 22:11:04
How to block access to the network to everything except OpenVPN? 5Reply
A
Alexandra2015-12-07 11:49:40
Kerio client: is it possible to connect to more than one server at the same time? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question