Version: 3432
Copyright 2007-2010 ImageStream Internet Solutions, Inc., All rights Reserved.
Table of Contents
Router Installation and Configuration Manual/Configuring L2TP for Mikrotik........................................1
Requirements..........................................................................................................................................1
Theory of Operation.........................................................................................................................1
Specific Configuration Examples.....................................................................................................1
ii
Requirements
This is an specific configuration example. Interoperability with Mikrotik L2TP tunnels requires a router
running version 4.4.0-99 or newer. This configuration requires that the L2TP tunnel does not have password
authentication. Please note, PPP authentication will still be preformed as outlined below. This configuration
also requires that the "tunnel peer name" is set to "default". The Mikrotik router needs to be configured as a
"L2TP Client".
Theory of Operation
The Mikrotik is configured to connect to the ImageStream router via an L2TP Tunnel interface. The Mikrotik
must initiate the L2TP tunnel. The Mirotik client router creates a L2TP tunnel to the ImageStream router. By
default incoming L2TP tunnel requests are allowed to any ip address assigned to the router.
Once the L2TP tunnel is established the Mikrotik's PPP authenticate request is sent to the ImageStream
Router. At this point we start up a PPP session and authenticate the user via RADIUS or via a configured
username/password pair. Normal PPP negotiations continue from this point with IP address negotiation and
such. The end result is the Mikrotik now has a PPP session tunneled over an L2TP/IP/UDP tunnel to our
ImageStream router.
This example uses a UserName/Password pair defined in the wan.conf file(Network Interface Configuration).
This example also sets up a local ip pool of addresses from 192.168.24.14 to 192.168.24.18 the ImageStream
This example uses a Radius server located at 205.159.243.5 to authenticate the ppp authentication request
coming from the Mikrotik router. The ImageStream router will honor all supported radius attributes.
See also
RADIUS Supported Attributes
http://wiki.mikrotik.com/wiki/Manual:Interface/L2TP