Home > MikroTik RouterNetworking > VPN Configuration with MikroTik Router

VPN Configuration with MikroTik Router

VPN (Virtual Private Network) is a technology that extends private network across a public network. It enables networks users to send and receive data across public network as if their network devices were directly connected to the private network.

MikroTik Router provides a lot of VPN services. Among them today I ‘ll show how to configure a client-server vpn with MikroTik PPTP service. With client-server vpn a user can access server, printer, IP phone and any other network devices of any private network across public network. For example, if you are a system administrator or an employee of an office and you need to access your office server, printer or any network devices while you are outside of your office, a client-server vpn will be better solution for you.

So, to configure a client-server vpn in MikroTik router this article will cover the below topology…

Client-server Network Topology

Client-server Network Topology

Here, a user is connected to his/her office by creating PPTP tunnel across public network and he/she is accessing office network devices through this PPTP tunnel. This article will show how to configure such a client-server vpn network where a user will be connected to his/her office for accessing network devices while he/she is outside of his/her office.

Required Information those are using here

  1. MikroTik WAN Network: (Must replace with your Public IP provided by ISP)
  2. MikroTik LAN Network:
  3. Local Address: (MikroTik LAN Interface IP)
  4. Remote Address: (IP address that remote user will get)

MikroTik Router basic configuration was discussed in my previous article. If you are new here, please spend some time to learn how to do MikroTik Router basic configuration using Winbox from very beginning. Then do the below steps to configure a client-server VPN network with MikroTik PPTP service.

PPTP server configuration steps:

  1. PPTP interface creation
  2. PPTP server enable
  3. Secrets (Username and Password) creation
  4. Enable proxy-arp to WAN interface.

PPTP Interface Creation

To create a client-server VPN with PPTP service, first you have to create a pptp interface. For this do the below steps:

  1. Go to PPP > Interface and click on add drop-down menu and then choose PPTP Server option.
  2. Put PPTP interface name in Name field and click on Apply and then OK button.

Enable PPTP Server

Now we will enable PPTP server in MikroTik Router. For this, do the below steps:

  1. Go to PPP menu item and click on PPTP Server button.
  2. Now click on enabled checkbox and then click Apply and OK button.
  3. Alternatively, you can do this cmd: > interface pptp-server server> set enabled=yes
  4. And to show pptp-server status: > interface pptp-server server> print

Secrets Creation (Username and Password)

Now it is time to create a user who will be connected to pptp server. For this do the below steps:

  1. Go to PPP > Secrets and click on add new button (+). 
  2. Now put username and password to Name and Password input field. Choose Service=pptp, Profile=default, Local Address= (Router interface IP), Remote Address= (Local IP address that user will get).
  3. Click Apply and OK button.
  4. Alternatively, you can do this cmd: > ppp secret> add name=username service=pptp password=123 local-address= remote-address=
  5. To show secrets from cmd: > ppp secret> print

You can add as many users who will be connected to your pptp server as you need by the above steps.

Enable proxy-arp to WAN interface

Lastly, you have to enable proxy-arp to WAN interface for identifying your remote user in arp list. For this do the below steps:

  1. Click on Interface  menu and double click on your WAN interface and choose ARP to proxy-arp.
  2. Alternatively, you can do this cmd: > interface ethernet> set ether1 arp=proxy-arp
  3. And to show Ethernet status: > interface ethernet> print

Your client-server vpn with MikroTik PPTP service is now ready if you do the above steps properly. Your vpn user are now able to login to your vpn server with the username and password provided by you. Create a VPN adapter in your favorite Operating System and login with the username and password. If you have any confusion to do above steps properly, please watch the below video carefully about VPN configuration with MikroTik Router for more details.

Client-server VPN configuration with MikroTik has been discussed in this article. If you face any problem to configure such a network, feel free to contact with me from my Contact page. I’ll try my best to stay with you.



I, Md. Abu Sayeed, am a system administrator. I like to share knowledge which I am learning from my daily experience. As a system administrator, I like to play with computer networking, Redhat Linux , Windows server, physical server and storage, virtual technology and other system related topics. I hope, my daily experiences which I am sharing in this website will be beneficial for you. This article is also a practical experience of mine. So, if this article is helpful for you, don't forget to give a positive feedback by sharing on your favorite social media or liking our Facebook Page. You can also keep subscribed to our website for getting email notification of new post by providing your name and email address in Subscription Page.   

Leave a Reply

Your email address will not be published. Required fields are marked *