Saturday, November 26, 2011

PPTP Server as Cisco for Mikrotik Client

Following configuration explains the Cisco as PPTP server and connecting two sites:

Following Configuration needed to enable the VPDN and default server:

vpdn enable
vpdn-group Mtik
! Default PPTP VPDN group
  protocol pptp
  virtual-template 1

interface Virtual-Template1
 ip unnumbered Loopback0
 peer default ip address pool IPPOOL1
 ppp encrypt mppe auto required
 ppp authentication ms-chap-v2 ms-chap pap

ip local pool IPPOOL1

Few more additional things we need to keep the same ip address for the user:
aaa new-model
aaa authentication ppp default local
aaa authorization network default local
aaa attribute list Gobi
 attribute type addr service ppp protocol ip mandatory
 attribute type route ""
 attribute type interface-config "description Gobi-test"

Finally apply the attribute list to the user:

username gobi password 0 test
username gobi aaa attribute list Gobi

Mikrotik Configurations:
/interface pptp-client
add add-default-route=no allow=mschap2 connect-to= \
    dial-on-demand=no disabled=no max-mru=1500 max-mtu=1500 mrru=1500 name=\
    gobi password=test profile=default-encryption user=gobi

[admin@HOST1] > ip add print
Flags: X - disabled, I - invalid, D - dynamic
 #   ADDRESS            NETWORK         INTERFACE
 0    ether1
 1    ether2
 2        ether1
 3 D   gobi
IP route placed in the mikrotik as static :
/ip route
add disabled=no distance=1 dst-address= gateway=gobi scope=30 \

1500 df-bit ping test
R1#ping size 1500 df-bit

Type escape sequence to abort.
Sending 5, 1500-byte ICMP Echos to, timeout is 2 seconds:
Packet sent with the DF bit set
Success rate is 100 percent (5/5), round-trip min/avg/max = 100/124/152 ms

No comments: