Pada halaman kali ini kita akan menkonfigurasi VPN (Virtual Private Network) PPTP pada mikrotik. PPTP dapat menghubungkan 2 jaringan private site to site. langsung saja kita lihat tolopogi dan konfigurasi.
¶ Topologi
¶ Konfigurasi
¶ Preconfig
/system identity set name="R1"
/ip address
add address=192.168.1.1/24 interface=ether2
/ip dhcp-server setup
WAN Interface (public ip)
[admin@R1] > ip dhcp-client print
Columns: INTERFACE, USE-PEER-DNS, ADD-DEFAULT-ROUTE, STATUS, ADDRESS
# INTERFACE USE-PEER-DNS ADD-DEFAULT-ROUTE STATUS ADDRESS
0 ether1 yes yes bound 10.0.137.186/24
/system identity set name="R2"
/ip address
add address=192.168.2.1/24 interface=ether2
/ip dhcp-server setup
WAN Interface
[admin@R2] > ip dhcp-client print
Columns: INTERFACE, USE-PEER-DNS, ADD-DEFAULT-ROUTE, STATUS, ADDRESS
# INTERFACE USE-PEER-DNS ADD-DEFAULT-ROUTE STATUS ADDRESS
0 ether1 yes yes bound 10.0.137.92/24
¶ R1
- Pembuatan PPTP Server
/interface pptp-server server
set enabled=yes
- Pembuatan pptp Profil
/ppp profile
add name=pptp-profile local-address=172.16.1.1 remote-address=172.16.1.2
- Pembuatan secret
/ppp secret
add name=pptp-user password=password profile=pptp-profile service=pptp
¶ R2
- Konfigurasi PPTP client
/interface pptp-client
add name=pptp-out1 connect-to=10.0.137.186 user=pptp-user password=password profile=default-encryption disabled=no
¶ Konfigurasi Routing
¶ R1
/ip route
add dst-address=192.168.2.0/24 gateway=172.16.1.2
¶ R2
/ip route
add dst-address=192.168.1.0/24 gateway=172.16.1.1
¶ Verify
¶ Site to site connection
- PC1
PC1> ip dhcp
DORA IP 192.168.1.254/24 GW 192.168.1.1
PC1> ping 192.168.2.254
84 bytes from 192.168.2.254 icmp_seq=1 ttl=62 time=1.706 ms
84 bytes from 192.168.2.254 icmp_seq=2 ttl=62 time=1.996 ms
84 bytes from 192.168.2.254 icmp_seq=3 ttl=62 time=1.475 ms
84 bytes from 192.168.2.254 icmp_seq=4 ttl=62 time=2.156 ms
84 bytes from 192.168.2.254 icmp_seq=5 ttl=62 time=2.225 ms
- PC2
PC2> ip dhcp
DORA IP 192.168.2.254/24 GW 192.168.2.1
PC2> ping 192.168.1.254
84 bytes from 192.168.1.254 icmp_seq=1 ttl=62 time=1.578 ms
84 bytes from 192.168.1.254 icmp_seq=2 ttl=62 time=4.325 ms
84 bytes from 192.168.1.254 icmp_seq=3 ttl=62 time=2.132 ms
84 bytes from 192.168.1.254 icmp_seq=4 ttl=62 time=3.095 ms
84 bytes from 192.168.1.254 icmp_seq=5 ttl=62 time=1.754 ms
¶ log
[admin@R1] > ip address print
Flags: D - DYNAMIC
Columns: ADDRESS, NETWORK, INTERFACE
# ADDRESS NETWORK INTERFACE
0 D 10.0.137.186/24 10.0.137.0 ether1
1 192.168.1.1/24 192.168.1.0 ether2
2 D 172.16.1.1/32 172.16.1.2 <pptp-pptp-user>
[admin@R1] > ip route print
Flags: D - DYNAMIC; A - ACTIVE; c, s, d, y - COPY
Columns: DST-ADDRESS, GATEWAY, DISTANCE
# DST-ADDRESS GATEWAY DISTANCE
DAd 0.0.0.0/0 10.0.137.254 1
DAc 10.0.137.0/24 ether1 0
DAc 172.16.1.2/32 <pptp-pptp-user> 0
DAc 192.168.1.0/24 ether2 0
0 As 192.168.2.0/24 172.16.1.2 1