PPPoE Server Configuration in MikroTik Router
PPPoE (Point to Point Protocol over Ethernet) is one of the most popular services in MikroTik Router. PPPoE is an extension of the standard Point to Point Protocol (PPP). The difference between them is expressed in transport method: PPPoE employs Ethernet instead of serial modem connection. PPPoE is a client-server protocol that means PPPoE client (IP devices such as Desktop, Laptop, wireless Router etc.) will request for IP information to PPPoE server providing security information (username and password) and PPPoE server will provide IP information by matching that security information.
PPPoE provides extensive user management, network management and accounting benefits to ISPs and network administrators. PPPoE is used mainly by ISPs to control client connections for xDSL and cable modems as well as plain Ethernet networks. PPPoE is now most popularly used in local ISP company because local ISP user can so easily be maintained with this service. So, this article is designed to show how to maintain ISP clients by configuring a PPPoE server in MikroTik Router.
ISP Setup with PPPoE Configuration
As a system administrator of an ISP company, you have to maintain various offered bandwidth packages such as 512kbps connection, 1Mbps connection, 2Mbps connection and so on. The users of these packages can so easily maintain with MikroTik PPPoE service. Now I’ll show you how to configure a PPPoE service in MikroTik router to maintain your various offered packages. But before starting configuration, I’ll show you a basic simple network diagram where a MikroTik router is serving as a PPPoE server.
In the above network diagram, MikroTik router WAN port (ether 1) is connected to internet and LAN port (ether 2, where we’ll configure PPPoE server) is connected to a distribution switch. PPPoE clients (PC, Laptop, Tablet and Wireless Router) are connected to the PPPoE server through this distribution switch. This is a basic and small network. In practical, your network will be an enterprise network where there may have thousands of clients. But the configuration will be almost same. Only the difference is that you might use multiple Ethernet ports for network simplicity, where we are using only one port here. You might use multiple WAN ports for handling load balancing or network redundancy where we are using only one WAN port here. I’ll discuss load balancing or network redundancy in my coming article. If you want to use multiple Ethernet ports for your LAN, you have to create MikroTik Bridge virtual interface for accumulating multiple interfaces into a single interface and then configure PPPoE server in that virtual interface.
As PPPoE is a client-server protocol, there are two end configurations for PPPoE service.
- PPPoE server configuration in MikroTik Router
- PPPoE client configuration
To run a PPPoE service in your network, first you have to configure PPPoE server in MikroTik router and then you have to learn how to configure various PPPoE clients. In the rest of this article I’ll show you how to configure PPPoE server in MikroTik router and how to configure PPPoE client in windows operating system. However, I’ll recommend you that search in Google and learn how to configure PPPoE client in various operating platform.
5 Steps to Configure PPPoE Server in MikroTik Router
Now we are going to configure PPPoE server in MikroTik to maintain the clients of a Local ISP. Generally any ISP company has various offered packages depending on bandwidth. It is always better to maintain client bandwidth with MikroTik Queues service although bandwidth can also be maintained with PPPoE service. Specially I‘ll recommend you to use MikroTik PCQ service which I have explained in my previous article about ISP bandwidth management with MikroTik PCQ to maintain your different bandwidth packages. Now we’ll use PPPoE server only for assigning different IP Block’s IP to different clients according to their bandwidth packages. For example, our proposed IP blocks for different bandwidth packages will be like below.
- 512kbps client will get 172.16.0.0/24 block IP
- 1Mbps client will get 172.16.1.0/24 block IP
- 2Mbps client will get 172.16.2.0/24 block IP
So, now we will configure our PPPoE server like that when a user purchase 512kbps connection, he/she will get a 172.16.0.0/24 block IP with his username and password. Similarly, when a user will purchase 1Mbps connection, he/she will get a 172.16.1.0/24 block IP and a 2Mbps user will get a 172.16.2.0/24 block IP. Complete PPPoE server configuration in MikroTik router can be divided into 5 steps.
- MikroTik router basic configuration
- IP Pool configuration
- PPPoE server configuration
- PPP profile configuration
- PPP secrets (username and password) configuration
Step 1. MikroTik Router Basic Configuration
MikroTik router basic configuration is the prerequisite to complete PPPoE server configuration. MikroTik router basic configuration includes assigning WAN and LAN IP addresses, Gateway configuration, DNS configuration and NAT configuration. If you are a new MikroTik user, feel free to spend some time to study my previous article about MikroTik router basic configuration using Winbox because how to configure MikroTik router from very beginning has been explained in that article. In this article, I assume that you have some knowledge about MikroTik router. So, if you are familiar with MikroTik router, follow below steps to complete MikroTik router basic configuration.
- Login to your MikroTik router using winbox software and go to IP > Addresses and then click on add new button (PLUS Sign). New Address window will appear now.
- In this window, put your WAN address that you have got from ISP company in Address field and choose ether1 or your WAN interface that like from Interface drop-down menu and then click Apply and OK button. WAN address will be assigned successfully.
- Again, click on add new button (PLUS Sign) and put your LAN address (in this article, I am using 172.16.0.1/24) in Address field and then choose your LAN interface from Interface drop-down menu. Now click Apply and OK button. LAN address will be assigned successfully.
- Now go to IP > DNS menu. DNS Settings window will appear. In this window, put DNS server address that you have got from ISP company or you can use Google’s public DNS IP (220.127.116.11) in Servers input box. You can put secondary DNS server IP by clicking add new value button located after the Servers input box. Optionally, you can turn your MikroTik router as a DNS server. Turning your MikroTik router as a DNS server is a better idea, I think. Because if you use public DNS server in your network, every DNS request of your user will consume your paid bandwidth. But if you turn MikroTik router as a DNS sever, your user will get DNS solution from MikroTik router without consuming your paid bandwidth. So, if you want to turn MikroTik as a DNS server, click the Allow Remote Requests check box and click Apply and OK button. Your MikroTik router is now a DNS server. All MikroTik IP addresses can now be used as a DNS server IP including WAN IP which is a public IP and problem will arise here. If anyone outside of your LAN use your WAN IP as a DNS IP, your MikroTik will be happy by serving him/her DNS solution consuming your paid bandwidth. So, for stopping DNS request from outside of your LAN, you should apply a firewall rule that will drop all DNS requests coming from your WAN interface (in this article, ether1). For this, go to IP > Firewall menu and click on add new button (PLUS Sign). New Firewall Rule window will appear now. Under General tab, choose Chain: input, Protocol: udp, Dst. Port: 53 and In. Interface: ether1. Now choose Action: drop from Action Tab and click Apply and OK button. Create another similar rule for TCP connection. Click on add new button (PLUS Sign) again and choose Chain: input, Protocol: tcp, Dst.Port: 53 and In. Interface: ether1 and then choose Action: drop under Action tab and click Apply and OK button. Now your MikroTik DNS server is safe from outside of your LAN.
- Go to IP > Routes menu for setting Gateway. From Route list window, click on add new button (PLUS). New Route window will appear now. Put your gateway address that you have got from your ISP in Gateway input field and click Apply and OK button. MikroTik default gateway will be assigned now.
- Now you have to create NAT rule so that your LAN user can access internet through your router. For this, go to IP > Firewall menu and click on NAT tab. Now click on add new button (PLUS Sign). New NAT Rule window will appear. Choose Chain: srcnat and Address: 172.16.0.0/16 under General tab and choose Action: masquerade from Action tab and then click Apply and OK button. Note that we are using all Class B IP blocks for masquerading because all our LAN IP block will be within this block.
MikroTik router basic configuration for configuring a PPPoE server will be completed if you follow the above steps carefully. If you face any problem to complete MikroTik router basic configuration, follow my video tutorial about MikroTik Router Basic Configuration using Winbox. I hope, it will reduce your confusion. Now we will do our second step about IP Pool configuration for configuring a PPPoE server successfully.
Step 2. IP Pool Configuration
We will now create three IP Pools because we assume that we have three offered packages and our user will get different IP block IP according to their package purchase. So, follow below steps to create IP Pools in your MikroTik router.
- Go to IP > Pool menu and click on add new button (PLUS Sign). New IP Pool window will appear now. Put Name: 512kbps_Pool and Addresses: 172.16.0.2-172.16.0.254 in New IP Pool window and click Apply and OK button. When a user will purchase a 512kbps connection, he/she will get an IP from this IP address range. Note that address range excludes the first IP because it will be used as a Gateway address.
- Similarly, create another two new IP Pool named as 1Mbps_Pool and 2Mbps_Pool and Address range will be 172.16.1.2-172.16.1.254 and 172.16.2.2-172.16.2.254 accordingly.
IP pool configuration has been completed. Now we’ll go our next step about PPPoE server configuration in MikroTik Router.
Step 3. PPPoE Server Configuration
Now we’ll configure our PPPoE server in MikroTik router. Follow bellow steps carefully for proper PPPoE server configuration in MikroTik router.
- Click on PPP menu item from left menu bar. PPP window will appear now. Click on PPPoE Servers tab and then click add new button (PLUS Sign). New PPPoE Service window will appear now. In this window, put your PPPoE server name (in this article I am giving Service Name ISP_PPPoE_Server) as you like in Service Name input box.
- Now choose your LAN interface where PPPoE server will be created from Interface drop-down menu. In this article, I am using ether1. If you create bridge interface, your bridge interface will be available in this list. So, choose bridge interface if you want to create PPPoE server in your bridge interface.
- Click on One Session Per Host If you left it blank, multiple host/devices can be connected with the same username and password. Obviously, you don’t want it.
- At the bottom of this window, you can see there are 4 authentication methods. Here only select PAP, and unselect all others. Now click Apply and OK
PPPoE server configuration in MikroTik router has been completed. Now we’ll create three profiles from where our clients will get IP address.
Step 4. PPP Profile Configuration
Now we will create there profiles those will be used by our clients for getting IP addresses. Follow below steps to create PPP profile in MikroTik router.
- Open PPP window by clicking PPP menu from MikroTik menu bar and then click on Profiles tab. You will see already two default profiles are created by MikroTik. We will do nothing these default profiles. We will create three new profiles here. For this, click on add new button (PLUS Sign). New PPP Profile window will appear now.
- In New PPP Profile window, put your profile name as you want in Name For simplicity, I am using 512kbps_Connection. Now put Local Address: 172.16.0.1 and choose 512kbps_Pool from Remote Address drop-down menu. Note that Local Address is the gateway address of this IP block which not included in 512kbps_Pool. So, when a 512kbps user will connect to this profile, he/she will get an IP from 512kbps_Pool and his/her gateway will be 172.16.0.1 that means this IP is one of the MikroTik IPs.
- At the bottom of this window, put MikroTik IP that you have used for Local Address (for this profile: 172.16.0.1) as DNS Server because we have turned our MikroTik router as a DNS server. Optionally, you can put another DNS server IP that you have got from your ISP or Google’s public DNS 18.104.22.168 by clicking add new value button located after DNS Server input box.
- Now click Apply and OK button.
- Similarly, create another two profiles for 1Mbps connection and 2Mbps connection. In this case, put 172.16.1.1 and 172.16.2.1 as Local Address and choose 1Mbps_Pool and 2Mbps_Pool for Remote Address
- Optionally, you can set limit for these users from Limits For this, click on Limits tab and put download and upload speed in Rate Limit (rx/tx) input box in bit. For example, type as 512000/512000 for this profile. My experience using this option is not so good. So, I’ll recommend to use MikroTik PCQ service for control user bandwidth.
PPP profile configuration has been completed. Now we will create user secret (username and password) so that they can connect to our PPPoE server with this secret.
Step 5. PPP Secret Configuration
Now we will create secret that means username and password of a client by which he/she will be connected to our network. Follow bellow steps to create secrets of your clients.
- Open PPP window and click on Secrets New PPP Secret window will appear now.
- Put the username of any client in the Name input box and put password in Password input box. Note that username and password are necessary when any client will be connected from his workstation (PC, Laptop, Router and so on). Also, it is case-sensitive. So, be careful to put these field.
- Now choose Service: pppoe from Service drop-down list and choose profile for this user from Profile drop-down list. If this user purchase a 512kbps connection, choose 512kbps_Connection profile or choose the option according to the connection type of this user.
- Optionally, you can bind any device with this username and password by providing MAC address. For this, put MAC address of any device in Caller ID input box. If you put MAC address of any device in Caller ID, only this device can be connected with this secret (username and password).
- Do the above steps for all your clients and provide him/her username and password to connect to your PPPoE server.
PPP secret configuration has been completed as well as all the steps for configuring a PPPoE service in MikroTik router has been completed. Now I’ll show you how to configure PPPoE client in windows operating system in the rest of this article.
PPPoE Client Configuration
We have completely configured a PPPoE service in MikroTik router. Now your MikroTik is ready to accept PPPoE client. A number of PPPoE clients are present now a day. Among them, now I’ll show you how to configure PPPoE client in windows 7 operating system. All other versions of windows operating system follow almost the same procedure. So, you don’t face any difficulty, I think. However, if you feel any problem to configure PPPoE client of any operating platform, I recommend you to do Google and learn how to configure PPPoE client of that specific operating platform.
Steps to Create PPPoE dial Up Connection in Windows 7
Microsoft PC dialer is used to connect remote PPPoE server in window 7 to get access to the internet. So, you have to configure Microsoft PC dialer in windows 7 PC to get access to the internet through your MikroTik router. Follow my bellow steps to create PPPoE connection in windows 7 with built in PPPoE wizard.
- Connect an Ethernet cable to windows 7 PC from your network switch.
- Open Network and Sharing Center from Control Panel.
- Now click on Setup a new connection or network link under Change your networking settings area. Set Up a Connection or Network window will appear.
- In this window, click on Connect to the internet option and click the Next Connect to the Internet window will appear.
- Click on Broadband (PPPoE) option from this window and put username and password that you have created in PPP secret configuration step in User name and Password input field accordingly. Optionally, you can change connection name in Connection name input field and you can also click on Remember this password option otherwise you have to provide password every time you start your PC. Now click on Connect If you provide correct username and password, The connection to the Internet is ready to use message will be shown. Now click on Close button. A dialer will be created in your windows 7 PC and you can enter your credential anytime to connect Internet with this dialer.
You are now connected to the internet with PPPoE dialer. Browse any site. I hope, you will be successful to browse any site now.
PPPoE server configuration for a local ISP or a office network will be successful if you follow the above steps carefully. However, if you face any confusion to do above steps successfully, watch my below video about PPPoE server configuration in MikroTik router. I hope, it will help you to configure your PPPoE server successfully.
PPPoE server configuration in MikroTik router has been explained step by step in this article. Also, PPPoE client configuration in windows operating system has been shown here. I hope, you are now able to configure a PPPoE server in MikroTik router to maintain your ISP clients. However, if you face any problem to configure PPPoE service in MikroTik router, feel free to discuss in comment or contact with me form Contact page. I’ll try my best to stay with you.