Overview: if we have provided you with a bespoke L2TP connection, perhaps to access a client device behind NAT or dynamic IP, then this article will show you how to connect a MikroTik device to the VPN.

You will need the following information before you begin:

  • Admin details to acces the "Luci" web GUI of the Teltonika device
  • L2TP server IP: ---.---.---.---
  • L2TP username: _ _ _ _ _ _
  • L2TP password: _ _ _ _ _ _
  • IP Sec pre-shared key: _ _ _ _ _ _ 
  • Public HTTP port number: _ _ _ _ _


WARNING: Before you add this L2TP connection, please set a VERY complex "admin" password of at least 16 characters - including special symbols - in order to reduce your device security risks; the "admin" password is nothing to do with the L2TP password.


From the web GUI of the Teltonkia device navigate to Services > VPN > L2TP [tab] >

Enter the "New configuration name" as "RemoteL2TP", then click Add New [button]

Click Edit [button] and enter the details as per below, then click Save [button]:


Enable: Yes (enabled)

Server: {L2TP server IP}

Username: {L2TP username}

Password: {L2TP password}

Authentication: {IP Sec pre-shared key}

Keep alive: 300

Default route: No (disabled)



Once saved, be patient as Teltonkia devices are often low-power CPUs than can take 5+ minutes to reconfigure their network stack and IP routes!


Once the link is up (System> Administration > Diagnostics [tab] > Ping 172.16.0.1) then you can test accessing the device publically:


http://xxx.xxx.xxx.xxx:yyyyy (replace xxx with the L2TP server IP, and replace yyyy with the public HTTP port number)


You should now have access to port 80 on the local device; if you need another port (such as HTTPS port 443) then simply ask us for the port forwarding rule to be modified for this VPN client).



Additional info for private VPN

If you have a dedicated VPN server solution from us then you may want to enable a route so that traffic can flow between your clients (and your local LAN server). To enable this on a Teltonkia unit follow these steps:

Network > Routing > Add

Routing table: Main

Interface: l2tp_RemoteL2TP

Destination address: 172.16.0.0

Netmask: 255.255.252.0

Gateway: 172.16.0.1

[Save]


That will enable this Teltonkia client to communicate back across this VPN to other clients/servers on your VPN private LAN.



Tip: you may find this Windows VPN article useful too - https://internetservices.freshdesk.com/en/support/solutions/articles/5000866097-windows-l2tp-vpn-client-allow-internet-browsing