Tutorial 002 Mikrotik SSTP VPN server Windows SSTP VPN client

Mikrotik 2011UAS-2HnD RouterOS 6.7 L5 as SSTP server
Windows 7 PL 32bit as SSTP VPN client
SSTP ~= “PPTP + CA”

Mikrotik /server, ca.crt+ca.key/
– internal LAN: 192.168.0.0/24, IP: 192.168.0.1
– external IP – XXX.XXX.86.23

Windows PC /client, only ca.crt/
– external IP: Tmobile 3G PL
– LAN 192.168.1.0/24, HTC Wildfire S – WiFi Hotspot

config I
– Mikrotik SSTP pool 192.168.0.100 – 192.168.0.150
– Windows PC IP is in Mikrotik local LAN pool
– client decides where goes internet traffic

config II
– Windows client PC all internet traffic going through SSTP VPN gateway
– Mikrotik SSTP pool 192.168.2.1 – 192.168.2.200
– Windows PC IP is in Mikrotik SSTP pool
– if client disable traffic rediret then looses SSTP pool acces and Mikrotik internal LAN acces

Tip:
1. CA /certificate authority/ CN /common name/ – must be real external IP, domain name or /if server works only in LAN/ LAN IP or LAN name /Router Identity, System Identity/.
2. Not included in Video… ca.crt and ca.key should be deletet from Mikrotik /Files/.
3. Appendix in video – SSTP easly bypass firewalls /client site/.

18,474
Views