-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Paul Julian Sent: Monday, 9 March 2015 6:48 AM To: 'MikroTik Australia Public List' Subject: Re: [MT-AU Public] MikroTik LNS config
Ahhh yes that's what it was, Mmm interesting, well I will hang on to the end of this thread as well, please let us all know how you go !
Regards Paul
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Damien Gardner Jnr Sent: Monday, 9 March 2015 4:57 AM To: MikroTik Australia Public List Subject: Re: [MT-AU Public] MikroTik LNS config
Paul, from the reading I've done (I'm about to setup the same way as Nick is doing, just waiting for him to get it working ;) ), the incompatibility is that MT doesn't support l2tp tunnel authentication. - so provided you can disable tunnel auth from the LAC end, it is supposed to work :)
On 8 March 2015 at 21:02, Paul Julian <paul@oxygennetworks.com.au> wrote:
Interesting Tim, I always thought there was some incompatibility which stopped you from using a MT box as an LNS with a Cisco LAC, happy to be proven wrong as I would love to see this working as it would be a very cost effective LNS especially as I am about to upgrade my Cisco LNS.....
Regards Paul
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Tim Warnock Sent: Sunday, 8 March 2015 8:42 PM To: MikroTik Australia Public List Subject: Re: [MT-AU Public] MikroTik LNS config
Hi Nick,
That's not quite how it works on MikroTik.
Remove l2tp-server interface binding.
Then click L2TP-Server button in PPP.
Check the box [X] Enabled Then set your default profile. Then disable MSCHAPX.
That should sort your problem.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Nick Pratley Sent: Sunday, 8 March 2015 8:52 AM To: MikroTik Australia Public List Subject: Re: [MT-AU Public] MikroTik LNS config
Thanks Tim,
There is a VLAN and a /30 between myself & the provider, BGP established over that link and they send all traffic form their loopback IP over to my side of the /30.
Was only a few changes away to get to that - but it still doesn't work or I have completely missed something.
The remote-address in the secret should be what I want the DSL tail to get from the server, correct?
This is what I have so far if it helps
/ppp profile name="default-l2tp" local-address=x.x.x.27 remote-ipv6-prefix-pool=*0 use-ipv6=no use-mpls=no use-compression=no use-vj-compression=no use-encryption=no only- one=default change-tcp-mss=yes address-list="" dns-server=8.8.8.8
/ppp secret name="nick@domain.com" service=l2tp caller-id="nick@domain.com" password="hidden" profile=default-l2tp remote-address=192.168.10.100 routes="" limit-bytes-in=0 limit-bytes-out=0 last-logged-out=jan/01/1970 00:00:00
/interface l2tp-server name="l2tp-in1" user=""
/interface l2tp-server enabled: yes max-mtu: 1500 max-mru: 1500 mrru: 1600 authentication: pap,chap keepalive-timeout: 30 default-profile: default-l2tp use-ipsec: no ipsec-secret: _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
--
Damien Gardner Jnr VK2TDG. Dip EE. GradIEAust rendrag@rendrag.net - http://www.rendrag.net/ -- We rode on the winds of the rising storm, We ran to the sounds of
Hi! It's probably not so much that MT has an 'incomplete' implementation - more like cisco has a 'proprietary' implementation ;) The thing is that much of routerOS functionality is derived from core linux kernel code - routerOS is essentially a proprietary shell running on linux. That is pretty much the essence of why routerOS is usually a strictly an 'open standard' approach to routing functionality ;) Cheers! Mike -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Tim Warnock Sent: Monday, 9 March 2015 11:22 AM To: MikroTik Australia Public List Subject: Re: [MT-AU Public] MikroTik LNS config Few things missing that I think are critical: * L2TP Tunnel Authentication * Specify Source IP/VRF support * Max Sessions I don't know why MT are happy with a 95% implementation - I really wish I could kickstarter or an equivalent to pay for the new features to be coded in. thunder.
We danced among the lightning bolts, and tore the world asunder _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au