RouterOS Version: RouterOS 5.25
Network card 1 (ether1): Connect the external network
Subnet Mask: 255.255.255.0
Nic 2 (ETHER2): Connect intranet
Subnet Mask: 255.255.255.0
VPN Server account password:
By setting up VPN automatic dialing in RouterOS, we can visit the original network of the domestic website and visit the foreign website to take the VPN line.
First, RouterOS network configuration
RouterOS Router management tool winbox download address: Http://download2.mikrotik.com/winbox.exe
RouterOS 5.16 Flexible routing installation Illustrated Tutorial: http://www.111cn.net/archives/4037.html
The following actions are performed after you log on to the RouterOS console
1, set RouterOS login password
Note: After the default installation, login account: admin password is empty
The following login password for admin is set: 123456
New password:123456 #输入密码
Retype new password:123456 #再次输入密码
2, configure the network card IP address
interface Print #显示可用的网卡信息
will appear ether1 Ether2 and other network card information
Here Ether1 represents the network card 1, we use to connect the extranet
Ether2 represents network card 2, used to connect intranet
Add address=192.168.21.100/24 Inter class=apple-converted-space> #设置外网地址
Add address=192.168.237.100/24 Inter class=apple-converted-space> #设置内网地址
/IP Address Print #查看接口地址
3, use Winbox login RouterOS
Setting up a local area network client
ip:192.168.237.254 (last: 1-254, except 100 is OK)
Subnet Mask: 255.255.255.0
As shown in the following figure
When Setup is complete, open Winbox
CONNETCT to (Connect to): 192.168.237.100
Login (login name): admin
Password (password): 123456
Tick Keep Password (save password)
Check secure mode (safe modes)
Load Previous Session (read previous sessions): Since we are logged on for the first time, we do not check
Note: You can default, you can also fill out your own
When set, point Connect (Connect)
Enter the RouterOS control interface
The following actions are performed in Winbox
4, modify the interface name of the network card
Double hit Open ether1-general
The same method modifies ether2 for LAN, and notes for intranet
5, set the external network gateway (set the default route)
The + number in the upper-left corner of the point
External network Gateway (default route)
The other defaults can be
6, set up NAT network address translation, map out the network, all the intranet access requests are mapped to the external network 192.168.21.100 above
That is, all the clients within the LAN are ip:192.168.21.100 to the Internet via the RouterOS router's extranet.
The + number in the upper-left corner of the point, switch to action
NAT Network Address Translation
DHCP Server Interface:lan
DHCP Address space:192.168.237.0/24
Gateway for DHCP network:192.168.237.100
DHCP can assign IP addresses as follows
192.168.237.1-192.168.237.99
192.168.237.101-192.168.237.254
DHCP lease time, by default
Client IP address in LAN is set to automatically get
Open Web page, be able to surf the Internet, configure successfully
Second, VPN dialing settings
Dot + Number Select PPTP Client
Can see the flow through, indicating that the VPN server has been connected
Mark all other IP addresses in the RouterOS except for the Chinese segment IP
1. Import IP address of China section
China segment IP address download: HTTP://AUTOROSVPN.GOOGLECODE.COM/FILES/ADDRESS-LIST.RSC
Drag the ADDRESS-LIST.RSC file from the computer in
Input: Import FILE=ADDRESS-LIST.RSC
Ip-firewall-address Lists
You can see the IP address you just imported in
Dst. address:!192.168.237.0/24
3. Set up VPN line routing
After the setup is complete, visit the domestic website, go to the original line, visit the foreign website to go the VPN line
