Two earlier tutorial articles discussed RouterOS, an open source operating system that can convert your generic PC into an advanced, enterprise-type router and LAN server.
In Part 1 of that series, you built the machine, installed the Linux-based software, and started setting it up.
In Part 2, you configured the DHCP server to manage the IP addresses, enabled NAT to share the Internet, and configured the wireless interface for Wi-Fi access.
Now that all the basic setup is done, you can play around with the features. In this part, you’ll tinker around with the VPN capabilities.
More specifically, you’ll set up a L2TP/IPsec VPN server.
Then users can remotely connect via the Internet to access files through the tunnel or to just use it to secure their connection on a public network.
Plus you’ll configure site-to-site tunnels, so all your networks are connected.
Configuring the VPN (L2TP) Server
First, make sure that you have the PPP package installed. If it is, you’ll have a menu for it on the console or WinBox interface.
Then you can follow these steps to get the server working using the WinBox utility:
- Click PPP and select the Secrets tab.
- Click the Plus button.
- Enter a Name and Password.
- Enter a Local Address (such as 1.1.1.1) and Remote Address (such as 1.1.1.2).
- Click OK.
Now you can enable the server. Follow these steps:
- On the main PPP window, select the Interface tab.
- Click the L2TP Server button.
- Mark the Enabled checkbox and click OK.
Now you need to add an IPSec peer. Follow these steps:
- Click IP > IPsec and select the Peer tab.
- Click the Plus button.
- Make sure that the Auth Method is Pre-Shared Key.
- For Secret, enter a password to serve as the pre-shared key secret. You'll input this later when configuring Windows.
- Verify that the Hash Algorithm is sha and the Encryption Algorithm is 3des, which are used by default in Windows.
- Mark the Generate Policy checkbox.