1.Configure PPPoE Client WAN Connection)
Setting up a PPPoE VPN on ROS (RouterOS) involves configuring both PPPoE client (for internet connection) and VPN services (like L2TP/IPsec, SSTP, or OpenVPN). Below is a step-by-step guide: First, ensure your router has a working PPPoE connection for internet access.
Steps:
-
Access Winbox → Go to
Interfaces. -
Add PPPoE Client:
- Click →
PPPoE Client. - Interface: Select the physical interface (e.g.,
ether1). - User/Password: Enter your ISP credentials.
- Service Name: (Optional, if required by ISP).
- Click
ApplyandOK.
- Click →
-
Verify Connection:
- Check
IP → Addressesfor a new PPPoE-assigned IP. - Test internet connectivity via
Tools → Ping.
- Check
Set Up VPN (L2TP/IPsec, SSTP, or OpenVPN)
Choose one of the following VPN types:
Option 1: L2TP/IPsec VPN
-
Enable L2TP Server:
- Go to
PPP → Interface → L2TP Server. - Enable
Enable. - Set
Default Profiletodefault-encryption(or create a new profile).
- Go to
-
Configure IPsec (for security):
- Go to
IP → IPsec→ EnableProposalswith:- Encryption:
AES-256 - Hash:
SHA-256 - DH Group:
modp2048
- Encryption:
- Add a
Peerwith:- Address:
0.0.0/0 - Auth Method:
PSK(Pre-Shared Key). - Enter a strong
Secret.
- Address:
- Go to
-
Add VPN Users:
- Go to
PPP → Secrets. - Add a user with:
- Name:
vpnuser - Password:
securepassword - Service:
l2tp - Local Address:
168.88.1(router’s LAN IP). - Remote Address:
168.88.100(VPN client IP).
- Name:
- Go to
-
Firewall Rules:
- Allow
IPsec(UDP 500, 4500) andL2TP(UDP 1701):/ip firewall filter add chain=input protocol=udp dst-port=500,4500,1701 action=accept
- Allow
Option 2: SSTP VPN (for Windows clients)
-
Enable SSTP Server:
- Go to
PPP → Interface → SSTP Server. - Enable
Enable. - Set
Certificate(generate one inSystem → Certificates).
- Go to
-
Add VPN Users (same as L2TP, but set
Service=sstp). -
Firewall Rules:
- Allow
TCP 443(SSTP uses HTTPS):/ip firewall filter add chain=input protocol=tcp dst-port=443 action=accept
- Allow
Option 3: OpenVPN (for cross-platform support)
-
Install OpenVPN Package (if not installed):
- Download from
MikroTik’s Package Repository. - Upload via
Filesand reboot.
- Download from
-
Configure OpenVPN Server:
- Go to
PPP → Interface → OpenVPN. - Set
Mode: Server,Protocol: UDP,Port: 1194. - Configure
CertificateandAuth.
- Go to
-
Firewall Rules:
- Allow
UDP 1194:/ip firewall filter add chain=input protocol=udp dst-port=1194 action=accept
- Allow
NAT & Firewall Configuration
Ensure VPN traffic can reach LAN:
-
Masquerade NAT:
/ip firewall nat add chain=srcnat action=masquerade out-interface=pppoe-out1 -
Allow VPN Traffic to LAN:
/ip firewall filter add chain=forward src-address=192.168.88.100 dst-address=192.168.88.0/24 action=accept
Test VPN Connection
- Windows: Use
VPN settings(L2TP/IPsec or SSTP). - Android/iOS: Use
L2TP/IPsecwith PSK. - OpenVPN: Use
.ovpnconfig file.
Troubleshooting
- No Internet on VPN? Check NAT and firewall rules.
- PPPoE not connecting? Verify ISP credentials and physical link.
- VPN drops? Check
/logfor errors.
This setup ensures a secure PPPoE + VPN configuration on MikroTik RouterOS. Let me know if you need help with a specific part!

@版权声明
转载原创文章请注明转载自飞鸟VPN加速器- 高速稳定免费VPN加速器 | 飞鸟加速器-全球十大VPN梯子,网站地址:https://feiniao-wap.com.cn/