Now add route for the 192.168.100.0/224 subnet in IP ROUTE section, via pptp gateway. Now add user so that we will be testing from remote location NAS.Īdd caller-id=”” disabled=no limit-bytes-in=0 limit-bytes-out=0 name=aa password=aa profile=vpn-profile routes=”” service=any Set authentication=mschap1,mschap2 default-profile=default-encryption enabled=yes keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled Set 2 change-tcp-mss=yes name=default-encryption only-one=default use-compression=default use-encryption=yes use-mpls=default use-vj-compression=default
Use-compression=default use-encryption=default use-mpls=default use-vj-compression=default Set 0 change-tcp-mss=yes name=default only-one=default use-compression=default use-encryption=default use-mpls=default use-vj-compression=defaultĪdd change-tcp-mss=default dns-server=10.0.0.1 local-address=10.0.0.1 name=vpn-profile only-one=default remote-address=PPP-Pool \
įirst add IP pool for VPN users, like same as LAN series but with specific series.Īdd name=PPP-Pool ranges=172.16.0.1-172.16.1.255 because if you do so it will override default route and will route every traffic including internet requests too to head office, which will overload head office internet connection, since we only want to route request for specific IP/subnet, so we will create a route at both end so that request for specific ip subent should go via vpn tunnel. Now at branch office, create a pptp client in mikrotik pptp section, and add head office IP / user id passwd, Dont forget to UNCHECK “add DEFAULT ROUTE” button. So this is a short guide on howto create central Radius Server and connected all remote branches/nases with it.Ĭreate PPTP server at your Head Office Mikrotik.Ĭreate user account in secret section, nd assign him fix IP address like 172.16.1.50 All locations have there own internet connectivity with various ISP’s but we want to use our main RADIUS server as a centralized billing solution for all the REMOTE locations. All remote locations have Mikrotik Router boards as NAS and have dynamic public IP. Radius Billing system is connected with LAN. Main Mikrotik router at NOC have fixed public IP.
An ISP have multiple locations all over the country.