Configuring Mikrotik Router to be Used with an L2TP VPN Connection on Windows

A RouterOS based Mikrotik router can be configured for several VPN connections. However, this tutorial provides instructions for configuring your Mikrotik router for an L2TP/IPSec VPN connection, including server configuration, creating a network on Windows and then configuring it for the IPSec connection.

Configuring the L2TP VPN Server

Before proceeding, you need to ensure that the PPP package is installed, which will provide you with a menu on the WinBox interface or the console.

  • Click on the PPP option on the left menu and select the ‘secrets’ tab and click on the ‘plus’ button.
  • You will be asked to enter values for name, password, local and remote addresses, after entering which, click on the ‘OK’ button.
  • Enable the L2TP server by clicking on the ‘PPP’ window, moving to the ‘interface’ tab and clicking on the ‘L2TP Server’ button.
  • In the new window, mark the checkbox for ‘enabled’ option and click ‘OK’ button to proceed.
  • After this, you should add an IPSec peer, for which, click on the ‘IP’ menu, select the ‘IPsec’ option and move to the ‘peer’ tab. Click on the ‘plus’ button to add a new peer.
  • Ensure that the ‘Auth method’ is set to ‘pre-shared key’ and enter a password to be used as the key, while configuring windows.
  • Also, make sure that the values for ‘Hash Algorithm’ and ‘Encryption Algorithm’ are set to ‘sha’ and ‘3des’ and enable ‘generate policy’.

Create a Connection in Windows

  • Open the ‘network connections’ window, start the new connection wizard by clicking on the ‘new connection’ icon and click ‘next’.
  • After this, you need to select ‘connect to network at my workplace’ and then ‘VPN connection’ in the subsequent windows, enter a desired name for the connection and then the IP address of the router’s server and click on the ‘finish’ button.
  • Open the properties of the new connection, move to the ‘security’ tab, click on the ‘IPSec settings, enable ‘use pre-shared key’ option and then enter the value used while configuring the router.
  • Now, move to the ‘networking’ tab, select the ‘L2TP IPSec VPN’ option and then click ‘OK’ to save all the changes.

Configuring the IPsec Settings

  • Execute the ‘mmc’ run command and click on ‘file’, then ‘Add/Remove Snap in’ on the window opened.
  • Now select ‘Action’ from the snap-in added, then ‘create IP security policy’ and follow the wizard enabling ‘Activate the default response rule’ and ‘edit properties’ options and then click on the ‘Finish’ button.
  • On the ‘properties’ window, click on ‘add’, ‘next’ and enable the option ‘This rule doesn’t specify a tunnel’. Select ‘LAN’, click ‘next’, then select ‘Use this string to protect key exchange’ and enter the ‘pre-shared key’ configured to router.
  • Create a new ‘IP Filter list’, click ‘add’, follow the wizard with ‘My IP Address’ & ‘Router’s IP Address’ as ‘source’ and ‘destination’ and click ‘OK’.
  • Now, select the filter list, click ‘next’, enable ‘Require Security’ and disable ‘properties’ option to proceed. Restart the router by selecting the ‘assign’ option for the new policy added.

VPN Service Providers


With this guide, you are now able to connect to an L2TP VPN connection using your Mikrotik RouterOS based router.

Rank VPN Provider Starting Price Money Back Guarantee
Visit Provider Site
1 Express VPN $6.67/ Month 30 Days visit expressvpn
2 $6.55/ Month 30 Days visit expressvpn
3 IpVanish VPN $10.00/ Month 7 Days visit ipvanish
4 $21/ 3 Months 7 Days visit strongvpn
Vypr VPN
$14.95/Month 7 Days visit vyprvpn
VN:F [1.9.22_1171]
VN:F [1.9.22_1171]
Filed in: Tutorials

Get Updates

Share This Post

Recent Posts

Leave a Reply

Submit Comment

© Best VPN Service. All rights reserved.