Overview: if we have provided you with a bespoke L2TP connection, perhaps to access a client device behind NAT or dynamic IP, then this article will show you how to connect a MikroTik device to the VPN.

You will need the following information before you begin:

  • Admin details to acces the MikroTik device via WinBox or WebFig
  • L2TP server IP: ---.---.---.---
  • L2TP username: _ _ _ _ _ _
  • L2TP password: _ _ _ _ _ _
  • IP Sec pre-shared key: _ _ _ _ _ _ 
  • Public HTTP port number: _ _ _ _ _


WARNING: Before you add this L2TP connection, please set a VERY complex password of at least 16 characters - including special symbols - in order to reduce your device security risks.


From WinBox or WebFig navigate to Interfaces > Add > L2TP client > [enter the details below and click OK]


"General" tab:

Max MTU: 1400

Max MRU: 1400


"Dial out" tab:

Connect To: {L2TP server IP}

User: {L2TP username} 

Password: {L2TP password} 

Use IPsec: Yes (enabled)

IPsec Secret: {IP Sec pre-shared key}



Once the link is up (check IP > Addresses, and you should see an IP such as 172.16.xxx.xxx) then you can test accessing the device publically:


http://xxx.xxx.xxx.xxx:yyyyy (replace xxx with the L2TP server IP, and replace yyyy with the public HTTP port number)


You should now have access to port 80 on the local device; if you need another port (such as HTTPS port 443) then simply ask us for the port forwarding rule to be modified for this VPN client).