VPN dengan menggunakan MikroTik RouterOS

VPN dengan menggunakan MikroTik RouterOS

Berikut langkah-langkah untuk setting tunnel PPTP dengan menggunakan mikrotik

1. setting identity name
2. setting ip address
3. setting ip dns
4. setting ip route
5. setting nat / masquerading
6. add ip firewall address-list
7. mark-connection
8. mark-routing
9. marking gateway
10. test traceroute

11. activate PPTP Server
– MTU 1460
– MRU 1460
>> PAP, CHAP, MSCHAP1, MSCHAP2

12. add secret
– Username = fery
– password = fery12345678
– services = pptp

13. setting profile (default profile)

– local address = 10.0.0.1
– remote address = 10.0.0.2
– dns server = 202.47.78.8
= 202.47.78.9

Setting PC untuk VPN
1. pastikan sudah bisa ping ke gateway server PPTP
2. setting vpn dengan mengarahkan IP address ke gateway server
3. login dengan menggunakan username dan password yang sudah dibuat

Capture Konfigurasi VPN dan memisahkan gateway local dan international

1. setting identity name
[admin@FeryJunaedi-Router1] > system identity print
name: “FeryJunaedi-Router1”
[admin@FeryJunaedi-Router1] >

2. setting ip address
[admin@FeryJunaedi-Router1] > ip address print
Flags: X – disabled, I – invalid, D – dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 10.8.8.45/24 10.8.8.0 10.8.8.255 LOCAL
1 192.168.10.1/24 192.168.10.0 192.168.10.255 LAN
2 202.47.77.249/28 202.47.77.240 202.47.77.255 INT
3 D 10.0.0.1/32 10.0.0.2 0.0.0.0 <pptp-fery>
[admin@FeryJunaedi-Router1] >

3. setting ip dns
[admin@FeryJunaedi-Router1] > ip dns print
primary-dns: 202.47.78.8
secondary-dns: 202.47.78.9
allow-remote-requests: yes
cache-size: 2048KiB
cache-max-ttl: 1w
cache-used: 20KiB
[admin@FeryJunaedi-Router1] >

4. setting ip route
[admin@FeryJunaedi-Router1] > ip route print
Flags: X – disabled, A – active, D – dynamic, C – connect, S – static, r – rip, b – bgp, o – ospf,
B – blackhole, U – unreachable, P – prohibit
# DST-ADDRESS PREF-SRC G GATEWAY DISTANCE INTERFACE
0 A S 0.0.0.0/0 r 10.8.8.1 1 LOCAL
1 A S 0.0.0.0/0 r 202.47.77.241 15 INT
2 ADC 10.0.0.2/32 10.0.0.1 0 <pptp-fery>
3 ADC 10.8.8.0/24 10.8.8.45 0 LOCAL
4 ADC 192.168.10.0/24 192.168.10.1 0 LAN
5 ADC 202.47.77.240/28 202.47.77.249 0 INT
[admin@FeryJunaedi-Router1] >

5. setting nat / masquerading
[admin@FeryJunaedi-Router1] > ip firewall nat print
Flags: X – disabled, I – invalid, D – dynamic
0 chain=srcnat action=masquerade
[admin@FeryJunaedi-Router1] >

7. mark-connection and 8. mark-routing
[admin@FeryJunaedi-Router1] > ip firewall mangle print
Flags: X – disabled, I – invalid, D – dynamic
0 chain=output action=mark-connection new-connection-mark=mark-local-con passthrough=yes dst-address-list=nice

1 chain=output action=mark-routing new-routing-mark=mark-routing-local passthrough=yes connection-mark=mark-local-con
[admin@FeryJunaedi-Router1] >

11. activate PPTP Server
12. add secret
[admin@FeryJunaedi-Router1] > ppp secret print
Flags: X – disabled
# NAME SERVICE CALLER-ID PASSWORD PROFILE REMOTE-ADDRESS
0 fery pptp fery123 default
[admin@FeryJunaedi-Router1] >

13. setting profile (default profile)
[admin@FeryJunaedi-Router1] > ppp profile print
Flags: * – default
0 * name=”default” local-address=10.0.0.1 remote-address=10.0.0.2 use-compression=default use-vj-compression=default use-encryption=default
only-one=default change-tcp-mss=yes dns-server=202.47.78.8,202.47.78.9

1 * name=”default-encryption” use-compression=default use-vj-compression=default use-encryption=yes only-one=default change-tcp-mss=yes
[admin@FeryJunaedi-Router1] >

~ by feryjunaedi on May 15, 2008.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: