MikroTik Router OS V3.0 User Manual

							[admin@HomeOffice] ppp secret>

 
    	 
 
 A-$ ( 

[admin@HomeOffice] interface l2tp-server> add user=ex[admin@HomeOffice] interface l2tp-server> printFlags: X - disabled, D - dynamic, R - running# NAME USER MTU CLIENT-ADDRESS UPTIME ENC...0 l2tp-in1 ex[admin@HomeOffice] interface l2tp-server>
+
 
	 
 ( 
  
	
[admin@HomeOffice] interface l2tp-server server> set enabled=yes[admin@HomeOffice] interface l2tp-server server> printenabled: yesmax-mtu: 1460max-mru: 1460mrru: disabledauthentication: mschap2keepalive-timeout: 30default-profile: default[admin@HomeOffice] interface l2tp-server server>
+ 	 A-$ 

 
 
 
  

[admin@RemoteOffice] interface l2tp-client> add connect-to=192.168.80.1 user=ex \\... password=lkjrht disabled=no[admin@RemoteOffice] interface l2tp-client> printFlags: X - disabled, R - running0 R name=l2tp-out1 mtu=1460 mru=1460 mrru=disabled connect-to=192.168.80.1user=ex password=lkjrht profile=default add-default-route=noallow=pap,chap,mschap1,mschap2[admin@RemoteOffice] interface l2tp-client>
 	 A-$ 


  	
 

 
 
  


   	
 F


 

7
7

 






 
 
 
 *$ 	 /../.:/ 	
 /../.:- 	
 	 
 *
 
	 %
%

	

 

 
 
 ( 
 	
 


Page 210 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners. 
						

							 
 
 	 *

	

 ( 
 A-$ 


  
 
 	 
 

[admin@HomeOffice] > ip route add dst-address 10.150.1.0/24 gateway 10.0.103.2[admin@RemoteOffice] > ip route add dst-address 10.150.2.0/24 gateway 10.0.103.1
 
 
 A-$ ( 
 	
 	

	
(  
 

		
  
  
	


[admin@HomeOffice] ppp secret> print detailFlags: X - disabled0 name=ex service=l2tp caller-id= password=lkjrht profile=defaultlocal-address=10.0.103.1 remote-address=10.0.103.2 routes==
[admin@HomeOffice] ppp secret> set 0 routes=10.150.1.0/24 10.0.103.2 1[admin@HomeOffice] ppp secret> print detailFlags: X - disabled0 name=ex service=l2tp caller-id= password=lkjrht profile=defaultlocal-address=10.0.103.1 remote-address=10.0.103.2routes=10.150.1.0/24 10.0.103.2 1
[admin@HomeOffice] ppp secret>

 
 A-$ 


 




[admin@RemoteOffice]> /ping 10.0.103.110.0.103.1 pong: ttl=255 time=3 ms10.0.103.1 pong: ttl=255 time=3 ms10.0.103.1 pong: ttl=255 time=3 msping interrupted3 packets transmitted, 3 packets received, 0% packet lossround-trip min/avg/max = 3/3.0/3 ms

 
 



 
 
 A-$ 


 
 
 A	,  

	
Page 211 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners. 
						

							[admin@RemoteOffice]> /ping 10.150.2.25410.150.2.254 pong: ttl=255 time=3 ms10.150.2.254 pong: ttl=255 time=3 ms10.150.2.254 pong: ttl=255 time=3 msping interrupted3 packets transmitted, 3 packets received, 0% packet lossround-trip min/avg/max = 3/3.0/3 ms
  	 A+9 ( 
  


 	  
 	 
 
 %F*$% 

  
 	
	  

 	   
	 ( 
 


 	 

 
 %@% 


Connecting a Remote Client via L2TP Tunnel
 
 	   
 


 	 
 
 	 
  

 ( A-$ 





 (
 
	
 
 	
 *$ 	  
 	 

 	 
 
  	 &

 
 

 ( F*$ 



$	 

 
 
( 	
	 
  
 
  	 A-$ 

 
 
 
	  	 

 
 
 
 	
•=
 >
*

	 *



 /;-/GCC//1-D
*

	   /./
						

							 
 
 A-$ ( 	  
  
   
 


[admin@RemoteOffice] ppp secret> add name=ex service=l2tp password=lkjrhtlocal-address=10.150.1.254 remote-address=10.150.1.2[admin@RemoteOffice] ppp secret> print detailFlags: X - disabled0 name=ex service=l2tp caller-id= password=lkjrht profile=defaultlocal-address=10.150.1.254 remote-address=10.150.1.2 routes==
[admin@RemoteOffice] ppp secret>

 
    	 
 
 A-$ ( 

[admin@RemoteOffice] interface l2tp-server> add name=FromLaptop user=ex[admin@RemoteOffice] interface l2tp-server> printFlags: X - disabled, D - dynamic, R - running# NAME USER MTU CLIENT-ADDRESS UPTIME ENC...0 FromLaptop ex[admin@RemoteOffice] interface l2tp-server>
+
 
 ( 
  
	
[admin@RemoteOffice] interface l2tp-server server> set enabled=yes[admin@RemoteOffice] interface l2tp-server server> printenabled: yesmax-mtu: 1460max-mru: 1460mrru: disabledauthentication: mschap2keepalive-timeout: 30default-profile: default[admin@RemoteOffice] interface l2tp-server server>
#
	 
  +$ 
  
	 
 
 % % 

	
[admin@RemoteOffice] interface ethernet> set Office arp=proxy-arp[admin@RemoteOffice] interface ethernet> printFlags: X - disabled, R - running# NAME MTU MAC-ADDRESS ARP0 R ToInternet 1500 00:30:4F:0B:7B:C1 enabled1 R Office 1500 00:30:4F:06:62:12 proxy-arp[admin@RemoteOffice] interface ethernet>
L2TP Setup for Windows

 ( A-$ 

 
  6
 B$ -... 9D F 	
 ;C 6
 -... 	
 B$

 
 
 
 6
 
  	
	
	 

	 A-$ # ;C 9 	
 F 

		

 8
	 
	  
 &A-$1*$ O$9 3


#  
	

 

A-$1*$O$93


A-$1*$O$93

 
 6
 -... A-$ 
 

 *$ 8 

 

5	
*$
6
-...3

5	
*$!F3$0
A-$
Troubleshooting
Page 213 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners. 
						

							Description
•4  	
$  4 
 

  7 

	  05$ 



 	
 	 
 
 

 

  

•? C
$ 745 K5 ,

 	
 
 
 
 7  $

  L8 9(L 
L8 9(!L
  	 NC; 	
 NC/  
 *$  

 
  
 
 
 ! 


( 

	

 
  
 
 *$ 
 
 
 A-$1*$ O$9 3

 	
 
 

 
 ! *   

 	

 
  *$ 
 	
  	 
  
 
 

 
9
   	 
 6
 -...  
 
 
 
 
 
 
:- 

 + 
 
 
 (	 

A8E7
						

							PPPoE
Document revision 1.7 (January 16, 2008, 9:13 GMT)
This document applies to MikroTik RouterOS V3.0
Table of Contents
TableofContents
GeneralInformation
Summary
QuickSetupGuide
Specifications
AdditionalDocuments
PPPoEClientSetup
PropertyDescription
Notes
Example
MonitoringPPPoEClient
PropertyDescription
Example
PPPoEServerSetup(AccessConcentrator)
Description
PropertyDescription
Notes
Example
PPPoETunnelInterfaces
Description
PropertyDescription
Example
ApplicationExamples
PPPoEinamultipointwireless802.11gnetwork
Troubleshooting
Description
General Information
Summary
 $$$F &$

 
 $

 $
 ( F


 
 ( 

(  	
	

 


	
	

 	
 	


 

 
 *!$ 	
 

 	

	
 3

 $$$F   	
 
*!$ 
 

 

 



  5!A 	
 	  	  	 	
 F


 

 $$$F 
	
 


  
 
	
	 $

 
 $

 $
 &$$$  
 

 
   


	

 
 $$$F  F


 

	  	  




I
	 	
 $$$F   
 	
 
 *$ 	 
 

 	 
 
 
	 &	


	

   	


	

 	  
 
	

 
 	


	

 
 
	
 *$
	  5,3$ 	  *
  	( 

 
  
	
 *$ 	  5,3$ 
 
 	 

	 	
$$$F  ( 
 	

Page 215 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners. 
						

							 
 ! 	
 	
 	 	 +5*0! 

 7  	
  	 +5*0! ( 
 	


	
 $$$F 


	
  	


  

+ $$$F 



    	 

 	
 	
 	 


	
 &(  

 	  	


 
	
 	 
 $$$F 

 
 
 

	  
 ! 
 
 7 

 	

	 


	
   $$$F  $$$F 

 	
 (  ( 	
 F


 ( 

	 


 
 7  C.-// &+

 3 6	(A	
 $ +
 /.1/..1/... 
1 F


	A	
 	
 F*$ &F


 ( *$ 


 $$F D.
 !+ 	
 $$F /-C
 !+ 


  



 $$$ &$  
 
  
 ( 0 &
 	
 
 
	

 72 /
						

							Specifications
Packages required:ppp
License required:level1 (limited to 1 interface), level3 (limited to 200 interfaces), level4 (limited to
200 interfaces), level5 (limited to 500 interfaces), level6 (unlimited)
Home menu level:/interface pppoe-server, /interface pppoe-client
Standards and Technologies:PPPoE(RFC2516)
Hardware usage:PPPoE server may require additional RAM (uses approx. 9KiB (plus extra 10KiB
for packet queue, if data rate limitation is used) for each connection) and CPU power. Maximum of
65535 connections is supported.
Additional Documents
A
  $$$F 

	


•

11	811-
						

							name(name; default:pppoe-out1) - name of the PPPoE interface
password(text; default:) - a user password used to connect the PPPoE server
profile(name) - default profile for the connection
service-name(text; default:) - specifies the service name set on the access concentrator. Leave it
blank unless you have many services and need to specify the one you need to connect to
use-peer-dns(yes|no; default:no) - whether to set the routers default DNS to the PPP peer DNS
(i.e. whether to get DNS settings from the peer)
user(text; default:) - a user name that is present on the PPPoE server
Notes

 	 C
$ ! 



 



 	  
   
 H
 
H  	
HK+3W
/H   
 
	
 
	
 HK+3H  
 	 


	
 
	 	
 H
/H 

 ( 
	
!
 0 	
 
	
 $ &

 $$$ ( 
 
  
   
 
  	



 	 
 0
 6
 
 	
  
	 
 9

 
	 !


 


 H9
	
 
7

 
 
 



H  0  	 
 /G/D  


   
 ( $	
0
( 	  $   
	 
 
 
Example
 	 	
 
	 $$$F 

 
 

 !

	 



 
 
 +3 
	
 (

0(

  
	
 
 	$
[admin@RemoteOffice] interface pppoe-client> add interface=ether1 \\... service-name=testSN user=user password=passwd disabled=no[admin@RemoteOffice] interface pppoe-client> printFlags: X - disabled, R - running0 R name=pppoe-out1 max-mtu=1480 max-mru=1480 mrru=disabled interface=ether1user=user password=passwd profile=default service-name=testSNac-name= add-default-route=no dial-on-demand=no use-peer-dns=noallow=pap,chap,mschap1,mschap2[admin@RemoteOffice] interface pppoe-client>
Monitoring PPPoE Client
Command name:/interface pppoe-client monitor
Property Description
ac-mac(MAC address) - MAC address of the access concentrator (AC) the client is connected to
ac-name(text) - name of the AC the client is connected to
encoding(text) - encryption and encoding (if asymmetric, separated with /) being used in this
connection
mru(read-only: integer) - effective MRU of the link
mtu(read-only: integer) - effective MTU of the link
service-name(text) - name of the service the client is connected to
Page 218 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners. 
						

							status(text) - status of the client
•dialing- attempting to make a connection
•verifying password...- connection has been established to the server, password verification in
progress
•connected- self-explanatory
•terminated- interface is not enabled or the other side will not establish a connection
uptime(time) - connection time displayed in days, hours, minutes and seconds
Example
 

 

!




[admin@MikroTik] interface pppoe-client> monitor pppoe-out1status: connecteduptime: 6sidle-time: 6sencoding: MPPE128 statelessservice-name: testSNac-name: MikroTikac-mac: 00:0C:42:04:00:73mtu: 1480mru: 1480
[admin@MikroTik] interface pppoe-client>
PPPoE Server Setup (Access Concentrator)
Home menu level:/interface pppoe-server server
Description
 $$$F ( &	 


	
 
 
 (  	 

	 7 
 
 (

	 3

 
 

  
 $$$F ( 	 
 

 
 /G. 1 
 	 3
 G.. 3$0
0
   3$0 

  
	 

	

 

 	
 $$$F
 	   

 
 


 
 	



	
 
 
 
  

  
 	 	 



 
 

	  
 	
 
  


 	  
 

 

 






	
  
 ( 
	   
 6
B$ 
   
 ( 
 
 
	 !   	


 ( 6
B$ 

 	(  ( 
	 

Property Description
authentication(multiple choice: mschap2|mschap1|chap|pap; default:mschap2, mschap1,
chap, pap) - authentication algorithm
default-profile(name; default:default) - default user profile to use
interface(name) - interface, which the clients are connected to
keepalive-timeout(time; default:10) - defines the time period (in seconds) after which the router is
starting to send keepalive packets every second. If no traffic and no keepalive responses has came
for that period of time (i.e. 2 * keepalive-timeout), not responding client is proclaimed
Page 219 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners.