how to create a pptp vpn connection between a mikrotik router and a windows 7, 8 or 10 device

How To Create A PPTP VPN Connection Between A Mikrotik Router And A Windows 7, Windows 8 Or Windows 10 Device.

The Point To Point Tunneling protocol is a network communications technology used to create virtual private network (VPN) connections between two or more sites or between a single/multiple mobile devices and a single main/head office site. PPTP is a fast VPN protocol that operates on TCP port 1723 and is supported by many older devices. It works by encapsulating network packets into a PPTP envelope. This envelope can then be routed across multiple network routers over the internet to its intended destination. The envelope is then unpacked at the destination and the end user receives the requested data. Mikrotik RouterOS has built in support for the PPTP protocol and can be used as a PPTP Server or PPTP client. RouterOS supports multiple PPTP authenticaton protocols such as MSCHAP2, MSCHAP, CHAP, PAP and has the capability of creating full site-to-site links using the PPTP protocol. Read this tutorial to learn how to create a PPTP VPN Connection between a Mikrotik router and a Windows 7, Windows 8 or Windows 10 device. If you like to watch a FREE! video tutorial click on the button below to watch now

REQUIREMENTS

In order to complete this tutorial successfully the following is a list of items that you may need. Please ensure to have these items available before taking implementation action on this tutorial:
1) A desktop or laptop with atleast a dual core processor, 4GB of RAM, a network interface card and 100 GB of free disk space.
2) The Winbox application
3) A Mikrotik Router (RB951Ui-2HnD or similar / newer) running RouterOS version 6.48 or newer
4) The RouterOS PPTP Server.

OVERVIEW

1) The PPTP VPN network diagram and amazon.com recommendations.
2) Open Winbox, connect to the Mikrotik router and install package updates
3) Enable the Mikrotik PPTP Server, create a PPTP secret for the client and enable PROXY-ARP on the router’s LAN interface.
4) On the Windows device, open the network and sharing center and create a PPTP VPN connection to the MIKROTIK router.
5) Test the VPN connection.

Network Diagram.

1) The diagram on the right illustration a simple common network illustration whereby the OFFICE USER device has the IP ADDRESS of 172.15.12.10/24. It is connected to the MIKROTIK ROUTER on ETHER 2 and the MIKROTIK ROUTER has the LAN IP ADDRESS of 172.15.12.1/24.

The MIKROTIK ROUTER is directly connected to the internet and has a WAN IP ADDRESS of 197.211.210.100/30. The REMOTE USER is also directly connected to the internet, has an IP ADDRESS of 192.168.55.150/24 and can reach the MIKROTIK ROUTER’s public IP ADDRESS.

The objective is to create a PPTP VPN that will allow the REMOTE USER to gain access to the OFFICE USER’s LAN network such that the two devices can communicate directly as if they are on the same network. The mikrotik router will be configured as the PPTP SERVER and will have a PPTP IP ADDRESS of 25.20.20.1/24. The REMOTE USER will be the PPTP client and will be assigned the IP ADDRESS 25.20.20.2/24

Amazon Recommendations

2) In case you currently do not have a router, kindly use the LINK shown below to purchase a Mikrotik router from amazon.com. Your support is very much appreciated and will help us keep producing helpful tutorials such as this one.

CLICK HERE TO SHOP FOR A MIKROTIK ROUTER

Step 1: Open Winbox, Connect To The Mikrotik Router And Install Package Updates.

3) Open the WINBOX app and type in the IP ADDRESS of your MIKROTIK router on the CONNECT TO field. Enter your routeros credentials on the LOGIN and PASSWORDS fields and click on CONNECT.

4) Next, click on SYSTEM > PACKAGES > CHECK FOR UPDATES. If there are any updates available click on the DOWNLOAD AND INSTALL button.

Step 2: Enable The Mikrotik PPTP Server, Create A PPTP Secret For The VPN Client And Enable PROXY-ARP On The Router's LAN Interface

5) Proceed by clicking on PPP > PPTP SERVER. Click on the ENABLED check box and set the KEEPALIVE TIMEOUT option to “0” (zero). Select DEFAULT-ENCRYPTION on the DEFAULT PROFILE drop down menu then click the check boxes on MSCHAP2, MSCHAP, CHAP and PAP.

Click on APPLY then click on OK.

6) Proceed by clicking on PPP > SECRETS and click on the ADD button. Type in a name for the PPP secret on the NAME field and enter a authentication password on the PASSWORD field. Set the SERVICE option to PPTP and select DEFAULT-ENCRYPTION on the PROFILE drop down menu.

On the LOCAL ADDRESS field enter 25.20.20.1 then on REMOTE ADDRESS enter 25.20.20.2. Click on APPLY then click on OK.

Enable PROXY-ARP

7) The PROXY-ARP feature allows devices connecting to a network to via PPTP to communicate with devices on the LOCAL network in such a way that all devices can communicate as if they are on the same network.

Click on the INTERFACES option on the WINBOX left navigation bar and double click on the ETHER2 interface, or which ever interface you assigned as the LAN interface.

On the GENERAL tab, select PROXY-ARP on the ARP drop down menu then click on APPLY and on OK

Step 3: On The Windows Device, Open The Network And Sharing Center And Create A PPTP VPN Connection To The MIKROTIK Router.

8) On your Windows device, click on START > CONTROL PANEL > NETWORK AND INTERNET > NETWORK AND SHARING CENTER. Proceed by clicking on “SET UP A NEW CONNECTION OR NETWORK”

9) Click on CONNECT TO A WORKPLACE and click on the NEXT button

10) On the “HOW DO YOU WANT TO CONNECT?” section, click on ‘USE MY INTERNET CONNECTION (VPN) and a CONNECT TO WORKPLACE wizard will be displayed.

11) Enter the WAN / PUBLIC IP ADDRESS of the MIKROTIK router on the INTERNET ADDRESS field as well as a name for the connection you are creating on the DESTINATION NAME field and click on NEXT.

12) The next step is to type the username and password for the PPTP VPN connection. Enter the USERNAME and PASSWORD that you created on step 6, click on the REMEMBER THIS PASSWORD check box and click on CONNECT.

13) Yo will now see a connection creation progress bar indicating all the connection creation steps. Wait for the connection creation process to complete.

14) You will see a ” YOU ARE CONNECTED” message and this means that the PPTP connection to the MIKROTIK router has been created successfully. Click on the CLOSE button to proceed.

15) You should now see the newly created PPTP VPN connection on the list of active networks in the WINDOWS network and sharing center.

16) To test the VPN connection open the Windows command prompt. To so this press the WINDOWS + R keyboard shortcut to open the RUN utility. Type CMD and click on OK.

17) Use the PING command to test connectivity to the PPTP IP ADDRESS and the MIKROTIK routers LAN address. The command should be run in the following format

ping DESTINATION-IP-ADDRESS

The command should return results as shown in the image on the right.