Re: [AFMUG] Easiest VPN on mikrotik

Fri, 09 Dec 2016 11:06:07 -0800

When I looked at this recently, the options were OpenVPN, SSTP, L2TP, or PPTP. I crossed off OpenVPN and SSTP because they needed SSL certificates in order to have encryption, it just seemed like more hassle than I was willing to deal with. 
PPTP didn't work on iOS.
That left L2TP. L2TP doesn't have any encryption capability built in, so hence L2TP+IPSec. 


I think you can do L2TP without encryption and I think that's about the 
same number of steps as PPTP....but it was not a big deal to add IPSec 
once I had a working example to go off from.




------ Original Message ------
From: "Adam Moffett" <[email protected]>
To: [email protected]
Sent: 12/9/2016 1:58:59 PM
Subject: Re: [AFMUG] Easiest VPN on mikrotik


PPTP no longer supported on Apple iOS though.


L2TP+IPSec is almost as easy as PPTP.  Just use this guide instead of 
the Mikrotik Wiki which is out of date.

https://www.nasa-security.net/mikrotik/mikrotik-l2tp-with-ipsec/


------ Original Message ------
From: "Josh Luthman" <[email protected]>
To: "[email protected]" <[email protected]>
Sent: 12/9/2016 1:09:50 PM
Subject: Re: [AFMUG] Easiest VPN on mikrotik


+1 for PPTP


Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

On Fri, Dec 9, 2016 at 12:47 PM, Tushar Patel <[email protected]> wrote:

PPTP on mikrotik. It will be same, IP address and username and 
password.


Tushar



On Dec 9, 2016, at 11:42 AM, That One Guy /sarcasm 
<[email protected]> wrote:



I have a non WISP customer with some cameras they monitor, not 
NVR/DVR to speak of yet. The cameras are port forwarded (called 
pinholes in their current router) individually, so theyre pretty 
much exposed IoT targets.
Im putting a mikrotik in because the Fortigate solution is cost 
prohibitive. Fortigates ssl vpn is slick, easy and end user friendly 
(for the client)
Whats the easiest VPN/client on a mikrotik. It would be great if it 
was as simple as the fortigate, they have a workstation client and 
most phone apps, All I need to do is give them an IP/FQDN and their 
username and password, its done.


--

If you only see yourself as part of the team but you don't see your 
team as part of yourself you have already failed as part of the 
team.






















					Reply via email to