Enable PPTP Remote Access di Astaro Security Gateway
* Remote Access
* PPTP
PPTP remote access status Klik tombol enable
* Assign IP Addresses by
pilih : IP address pool
* Pool Network
pilih : VPN Pool (PPTP)
* klik tombol Apply untuk men save konfigurasi dan mengaktifkan PPTP Remote Access
Buat User untuk Login PPTP Client nya
* Definitions & Users
* Users & Groups
* klik New User
Username : test123
Real Name : Test 123 Juga (optional)
Email Address : (optional)
Authentication : Local
Password : *******
Repeat : *******
Cheklist : Use static remote access IP
isi RAS address : 10.242.1.123
RAS IP Address di isi sesuai dengan Subnet dari IP Pool VPN Pool (PPTP)
Comment : (optional)
* klik tombol save
Masukan user baru tersebut ke group PPTP Users
* Remote Access
* PPTP
* klik folder di tab Users and Groups
Browse user test123 & drag & drop di di kolom users & groups
* klik tombol save
Buat Table Routing
* Interfaces & Routing
* Static Routing
* Klik New Static route
Route Type : Gateway route
Network : 172.16.0.0
Gateway : 10.242.1.1
* Klik Tombol save
Sampai disini konfigurasi di ASG sudah selesai, ada baiknya kita coba dahulu dengan client Windows
Sekarang saatnya konfigurasi mikrotik
* Interfaces
/interface ethernet
set 0 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=\
no full-duplex=yes l2mtu=1520 mac-address=D4:CA:6D:3A:D9:7D master-port=\
none mtu=1500 name=WAN speed=100Mbps
set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=\
no full-duplex=yes l2mtu=1520 mac-address=D4:CA:6D:3A:D9:7E master-port=\
none mtu=1500 name=LOCAL speed=100Mbps
* IP Address
/ip address
add address=172.16.0.254/24 comment="default configuration" disabled=n
interface=LOCAL network=172.16.0.0
* DHCP Client untuk WAN
/ip dhcp-client
add add-default-route=yes comment="default configuration" \
default-route-distance=1 disabled=no interface=WAN \
use-peer-dns=yes use-peer-ntp=yes
* Firewall
* Address List
/ip firewall address-list
add address=172.16.0.253 disabled=no list=BOLEH
add address=192.168.10.0/23 disabled=no list=Save-Network
add address=172.16.0.0/24 disabled=no list=Save-Network
* NAT
/ip firewall nat
add action=masquerade chain=srcnat comment="default configuratio
disabled=no out-interface=WAN src-address-list=BOLEH
* PPTP Client
/interface pptp-client
add add-default-route=no allow=pap,chap,mschap1,mschap2 connect-to=\
202.xxx.yyy.zzz dial-on-demand=no disabled=no max-mru=1460 max-mtu=\
1460 mrru=disabled name=pptp-out1 password=******* profile=\
default-encryption user=test123
* IP Route
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=WAN scope=30 \
target-scope=10
add disabled=no distance=1 dst-address=192.168.10.0/23 gateway=\
10.242.1.1 scope=30 target-scope=10
Tidak ada komentar:
Posting Komentar