Home » MikroTik RouterVPN Configuration » MikroTik VPN Configuration with PPTP (Connecting Remote Client)

MikroTik VPN Configuration with PPTP (Connecting Remote Client)

VPN (Virtual Private Network) is a technology that extends private network across a public network. It enables private network users to send and receive data across public network as if their network devices were directly connected to the private network.

MikroTik Router provides a lot of VPN services. Among them, MikroTik PPTP is the mostly used VPN service. It is a client-server VPN. So, a user can access server, printer, IP phone and any other network devices of any private network across public network using MikroTik PPTP. For example, if you are a system administrator or an employee of an office and you need to access your office server, printer or any network devices while you are outside of your office, MikroTik PPTP will be a better solution for you.

MikroTik PPTP service can be applied in two methods.

  • Connecting remote workstations/clients (VPN between routers and PPTP clients, almost all OSs including Windows)
  • Site-to-Site PPTP (VPN between routers)

In this article, I will show how to configure MikroTik PPTP service that will be able to connect a remote workstation (any Operating System including Windows) across public network and the remote workstation will be able to get access to local network as if the workstation was directly connected to the local network.

Network Diagram

To configure a MikroTik PPTP service that will connect a remote workstation across public network, I am establishing a network like below diagram.

Client-server Network Topology

Client-server Network Topology

In this diagram, a MikroTik Router (say your office router) is connected to internet through ether1. Workstations are connected to ether2. Laptop is connected to the internet and can reach MikroTik Router’s public IP. After configuring PPTP Tunnel, the laptop will be able to connect to MikroTik local network as if it was directly connected to the local network.

IP Information for this configuration

  1. MikroTik WAN IP: 172.22.15.221/24 (Must replace with your Public IP provided by your ISP)
  2. MikroTik LAN Gateway: 192.168.20.1/24
  3. Local Address for remote client: 192.168.20.1 (MikroTik LAN Interface IP)
  4. Remote Address: 192.168.20.50 (IP address that will be assigned to remote client)

MiroTik VPN Configuration with PPTP

VPN configuration in MikroTik router with PPTP service can be divided into two steps.

  1. MikroTik router basic configuration
  2. PPTP server configuration

MikroTik Router Basic Configuration

MikroTik Router basic configuration is prerequisite to configure a PPTP VPN in MikroTik router. If you are a new MikroTik user and don’t know how to do MikroTik router basic configuration, please spend some time to study my previous article about MikroTik router basic configuration using winbox from very beginning and complete basic router configuration and then follow the rest of this article to configure a VPN network with MikroTik PPTP service.

PPTP Server Configuration in MikroTik Router

After completing MikroTik router basic configuration, you need to configure PPTP server in MikroTik Router. Complete PPTP server configuration in MikroTik router can be divided into four steps.

  1. Enabling PPTP server
  2. Creating Secrets (Username and Password)
  3. Enabling proxy-arp to WAN interface.
  4. Creating PPTP interface

Step 1: Enabling PPTP Server in MikroTik Router

The first step to create PPTP Tunnel in MikroTik Router is to enable PPTP server. The following step will show how to enable PPTP server in your MikroTik Router.

  1. Go to PPP menu item and click on PPTP Server button from PPP window.
  2. Now click on enabled checkbox and then click Apply and OK button. PPTP server will be enabled.
  3. Alternatively, you can do this cmd: > interface pptp-server server> set enabled=yes
  4. And to show pptp-server status: > interface pptp-server server> print

Step 2: Creating Secrets(username and password)

Now it is time to create a user who will be connected to pptp server. To create username and password, follow the below steps carefully.

  1. Go to PPP > Secrets and click on add new button (+). 
  2. Now put username and password in Name and Password input field. Choose Service=pptp, Profile=default, Local Address= 192.168.20.1 (Router interface IP), Remote Address= 192.168.20.50 (Local IP address which will be assigned to user).
  3. Click Apply and OK button. A PPTP user that means VPN user will be created now.
  4. Alternatively, you can do this cmd: > ppp secret> add name=username service=pptp password=123 local-address=192.168.20.1 remote-address=192.168.20.50
  5. To show secrets from cmd: > ppp secret> print

You can add as many users who will be connected to your pptp server as you need by the above steps.

Step 3: Enabling proxy-arp to WAN interface

Lastly, you have to enable proxy-arp to WAN interface for identifying your remote user in arp list. For this, do the below steps carefully.

  1. Click on Interface  menu and double click on your WAN interface and choose ARP to proxy-arp.
  2. Alternatively, you can do this cmd: > interface ethernet> set ether1 arp=proxy-arp
  3. And to show Ethernet status: > interface ethernet> print

Step 4: Creating PPTP Interface

You can optionally create PPTP interfaces. If you do not create PPTP interface manually, a PPTP interface will be created dynamically when a user will be connected. The following steps will show you how to create a PPTP interface for a specific user manually in MikroTik router.

  1. Go to PPP > Interface and click on PLUS SIGN (+) and then choose PPTP Server option.
  2. Put PPTP interface name in the Name field.
  3. Put username for whom you are creating this interface in User input field.
  4. Click on Apply and then OK button.

Only create this interface if you need to apply specific filter rule for a specific user otherwise it is always better to allow creating PPTP interface dynamically.

Your VPN tunnel with MikroTik PPTP service is now ready if you follow the above steps properly. Your VPN users are now able to login to your VPN server with username and password provided by you. Create a VPN adapter in your favorite Operating System and login with username and password. If you have any confusion to do above steps properly, please watch my below video carefully about MikroTik VPN configuration with PPTP. I hope, it will remove your any confusion about VPN in MikroTik Router with PPTP service.

MikroTik VPN configuration with PPTP has been discussed in this article. I hope, you are now able to configure a VPN tunnel with MikroTik PPTP. However, if you face any problem to configure a VPN network with MikroTik router, feel free to discuss in comment or contact with me from Contact page. I will try my best to stay with you.

vpn-configuration-with-mikrotik-router

ABOUT ME

I, Md. Abu Sayeed, am a system administrator. I like to share knowledge that I am learning from my daily experience. As a system administrator, I like to play with computer networking, Redhat Linux , Windows server, physical server and storage, virtual technology and other system related topics. I hope, my daily experiences that I am sharing in this website will be beneficial for you. So, if this article is helpful for you, don't forget to give a positive feedback by sharing on your favorite social media or liking our Facebook Page. You can also keep subscribed to our website for getting email notification of new post by providing your name and email address in Subscription Page.   

One comment

Leave a Reply

Your email address will not be published. Required fields are marked *

*