كيف تجعل سيرفرك المايكروتيك مستحيل الاختراق والتصفح خرافى عبر vpn

كلنا يعلم مامعنى vpn

انه عالم وهمى تقوم بعمله لايستطيع احد ان يراقب بياناتك

لايستطيع احد سرقة اليوزر والباسورد الخاص بك

تشفير كامل لكل معلوماتك ومعلومات العملاء

منع النت كت وبرامج الاختراق بالكامل نهائيا وللابد

النظام يعمل به عمالقة سيرفرات العالم الاجنبى..

عن طريقه تستطيع فتح الشبكة الخاصة بك من اى مكان بالعالم وكانك داخل السيرفر

تنويه هام ..هذا ليس فى بى ان من الانترنت ده نظام تشغيل زى البرودباند والهوتسبوت داخل السيرفر

Step 1: create VPN pool

IP pools are used to define range of IP addresses that will be used for your PPTP VPN server
[admin@MikroTik] > /ip pool print
NAME RANGES
VPN-pool 192.168.1.101-192.168.1.110

VPN pool

Step 2: create a VPN user

In this step you will create a user that can connect to your VPN Server. In this example only one user is created, but you can add as many user as you need…
[admin@MikroTik] > /ppp secret print
# NAME SERVICE CALLER-ID PASSWORD PROFILE REMOTE-ADDRESS
0 ppp1 pptp ppp1 **** VPN-profile
VPN secrets

Step 3: create a VPN profile

PPP profiles are used to define default values for user access records stored under /ppp secret submenu. Settings in /ppp secret User Database override corresponding /ppp profile settings except that single IP addresses always take precedence over IP pools when specified as local-address or remote-address parameters.
[admin@MikroTik] > /ppp profile print
1 name="VPN-profile" local-address=192.168.1.1 remote-address=VPN-pool bridge=br1 use-mpls=default
use-compression=default use-vj-compression=default use-encryption=yes only-one=default
change-tcp-mss=yes address-list="" dns-server=8.8.8.8,8.8.4.4
VPN Profile

Step 4: Create PPTP Server Binding (Optional)

This step is optional, because your VPN server will work even if you skip this.
In this step you bind user ppp1 to interface pptp-in1. This is very useful if you need to create firewall rules for a specific user.
VPN interface

Step 5: Enable VPN Server

In this step we just need to enable our PPTP server and set default profile…
[admin@MikroTik] > /interface pptp-server server print
enabled: yes
max-mtu: 1450
max-mru: 1450
mrru: 1600
authentication: mschap1,mschap2
keepalive-timeout: 30
default-profile: VPN-profile
VPN enable PPTP

Step 6: Configure bridge (Optional)

Like step 4, even this step is optional. This step is the main reason that I’m writing this tutorial, so it deserves a few word :)
If you skip this step, you will be able to connect to your VPN server, you will have the same public IP as your VPN server, but you will not see any other devices connected on this subnet. If this is OK for you, you don’t need to do anything else.
If you want to see other devices in your subnet, you must change ARP mode for your Bridge. For more details about ARP modes go to mikrotik documentation

[admin@MikroTik] > /interface bridge print
Flags: X - disabled, R - running
0 R name="br1" mtu=1500 l2mtu=1598 arp=proxy-arp mac-address=4C:5E:0C:21:A4:85 protocol-mode=rstp
priority=0x8000 auto-mac=no admin-mac=4C:5E:0C:21:A4:85 max-message-age=20s forward-delay=15s
transmit-hold-count=6 ageing-time=5m
VPN bridge configuration

Step 7: Finish

If you did all right, you now have a working PPTP VPN server.
Important: Don’t forget to open port 1723 (tcp) in your firewall settings:
/ip firewall filter add chain=input comment="PPTP VPN" dst-port=1723 protocol=tcp
الشرح بالفديو

شرح اخر مع عمل اتصال vpn من الخارج

ليست هناك تعليقات:

إرسال تعليق