L2TP is a secure tunnel protocol for transporting IP traffic using PPP.
L2TP encapsulates PPP in virtual lines that run over IP, Frame Relay and
other protocols (that are not currently supported by MikroTik
RouterOS). L2TP incorporates PPP and MPPE (Microsoft Point to Point
Encryption) to make encrypted links. The purpose of this protocol is to
allow the Layer 2 and PPP endpoints to reside on different devices
interconnected by a packet-switched network. With L2TP, a user has a
Layer 2 connection to an access concentrator - LAC (e.g., modem bank,
ADSL DSLAM, etc.), and the concentrator then tunnels individual PPP
frames to the Network Access Server - NAS. This allows the actual
processing of PPP packets to be separated from the termination of the
Layer 2 circuit. From the user's perspective, there is no functional
difference between having the L2 circuit terminate in a NAS directly or
using L2TP.
For more information: Wiki Mikrotik | L2TP
Step 1: Log in to the MikroTik router using WinBox and complete the necessary basic configuration, such as setting the IP address, DNS, NAT and DHCP server.
Step 2: After logging in to the router, follow the screenshot below.
Step 3: Follow the screenshot below.
Step 4: Edit the profiles for the L2TP server.
Step 5: Create the secrets for the L2TP users.
Explanation: First we give a code snippet and then explain what it actually does.
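# IPsec peer that accepts L2TP/IPsec clients from any address (0.0.0.0/0).
# secret= is the IPsec pre-shared key; 12345 is a sample value.
/ip ipsec peer
add address=0.0.0.0/0 dh-group=modp2048 enc-algorithm=aes-256,aes-128,3des \
exchange-mode=main-l2tp generate-policy=port-override secret=12345 \
send-initial-contact=no
# Enable the L2TP server and require IPsec; ipsec-secret matches the peer secret.
/interface l2tp-server server
set authentication=mschap1,mschap2 enabled=yes ipsec-secret=12345 use-ipsec=\
yes
# Built-in default-encryption profile: DNS servers, router-side address,
# client address pool, and encryption required on the PPP link.
/ppp profile
set *FFFFFFFE dns-server=202.84.32.22,8.8.8.8 local-address=192.168.1.1 \
remote-address=dhcp_pool1 use-compression=no use-encryption=required \
use-mpls=no
# L2TP user account: name= is the login, password= is that user's password.
/ppp secret
add local-address=192.168.1.1 name=111 password=1 profile=\
default-encryption service=l2tp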
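A way to review an export like the one above before it goes onto a router, as an added example that is not part of the original tutorial or of MikroTik's tooling: it rejoins the backslash-wrapped lines, parses each add/set command, and reports legacy algorithm values and short secrets. The function names, the `WEAK` lists and the `MIN_SECRET_LEN` threshold are assumptions standing in for a local policy.

```python
import re

# Constructed sample: the export shown above, embedded so the check runs offline.
SAMPLE_EXPORT = r"""/ip ipsec peer
add address=0.0.0.0/0 dh-group=modp2048 enc-algorithm=aes-256,aes-128,3des \
exchange-mode=main-l2tp generate-policy=port-override secret=12345 \
send-initial-contact=no
/interface l2tp-server server
set authentication=mschap1,mschap2 enabled=yes ipsec-secret=12345 use-ipsec=\
yes
/ppp profile
set *FFFFFFFE dns-server=202.84.32.22,8.8.8.8 local-address=192.168.1.1 \
remote-address=dhcp_pool1 use-compression=no use-encryption=required \
use-mpls=no
/ppp secret
add local-address=192.168.1.1 name=111 password=1 profile=\
default-encryption service=l2tp
"""

# Assumed local policy (not RouterOS limits): values to flag, minimum secret length.
MIN_SECRET_LEN = 20
WEAK = {"enc-algorithm": {"3des", "des"},
        "authentication": {"pap", "chap", "mschap1"}}
SECRET_KEYS = {"secret", "ipsec-secret", "password"}

def parse_export(text):
    """Yield (menu, {key: value}) for each add/set command in an export."""
    joined = re.sub(r"\\\r?\n\s*", "", text)  # undo backslash line wraps
    menu = None
    for line in map(str.strip, joined.splitlines()):
        if line.startswith("/"):
            menu = line  # a menu path applies to the commands that follow it
        elif line.startswith(("add ", "set ")):
            yield menu, dict(re.findall(r'([\w-]+)=("[^"]*"|\S+)', line))

def audit(text):
    """Return sorted (menu, key, reason) findings for weak settings."""
    findings = []
    for menu, params in parse_export(text):
        for key, value in params.items():
            value = value.strip('"')
            for item in sorted(WEAK.get(key, set()) & set(value.split(","))):
                findings.append((menu, key, f"legacy value '{item}' is enabled"))
            if key in SECRET_KEYS and len(value) < MIN_SECRET_LEN:
                findings.append((menu, key, f"only {len(value)} characters long"))
    return sorted(findings)

if __name__ == "__main__":
    print(*audit(SAMPLE_EXPORT), sep="\n")
```

Run against the sample, it reports `3des` and `mschap1` as enabled and all three secrets as too short; removing those two values and using long random secrets clears every finding.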