笔记：PPPoE Server Configuration in MikroTik RouterNow we are g

5 Steps to Configure PPPoE Server in MikroTik Router

Now we are going to configure PPPoE server in MikroTik to maintain the clients of a Local ISP. Generally any ISP company has various offered packages depending on bandwidth. For example, our proposed IP blocks for different bandwidth packages will be like below.

512kbps client will get 172.16.0.0/24 block IP
1Mbps client will get 172.16.1.0/24 block IP
2Mbps client will get 172.16.2.0/24 block IP

So, now we will configure our PPPoE server like that when a user purchase 512kbps connection, he/she will get a 172.16.0.0/24 block IP with his username and password.

Similarly, when a user will purchase 1Mbps connection, he/she will get a 172.16.1.0/24 block IP

and a 2Mbps user will get a 172.16.2.0/24 block IP. Complete PPPoE server configuration in MikroTik router can be divided into 5 steps.

MikroTik router basic configuration IP Pool configuration PPPoE server configuration PPP profile configuration

Step 1. MikroTik Router Basic Configuration

MikroTik router basic configuration is the prerequisite to complete PPPoE server configuration. MikroTik router basic configuration includes assigning WAN and LAN IP addresses, Gateway configuration, DNS configuration and NAT configuration.

配置广域网地址。and go to IP > Addresses and then click on add new button (PLUS Sign). New Address window will appear now. In this window, put your WAN address that you have got from ISP company in Address field and choose ether1 or your WAN interface that like from Interface drop-down menu and then click Apply and OK button. WAN address will be assigned successfully. 配置局域网地址。Again, click on add new button (PLUS Sign) and put your LAN address (in this article, I am using 172.16.0.1/24) in Address field and then choose your LAN interface from Interface drop-down menu. Now click Apply and OK button. LAN address will be assigned successfully.

配置此路由器的DNS Server地址 Now go to IP > DNS menu. DNS Settings window will appear. In this window, put DNS server address that you have got from ISP company or you can use Google’s public DNS IP (8.8.8.8) in Servers input box. Optionally, you can turn your MikroTik router as a DNS server. Turning your MikroTik router as a DNS server is a better idea 以及启用本路由器为DNS Server的设置。So, if you want to turn MikroTik as a DNS server, click the Allow Remote Requests check box and click Apply and OK button. Your MikroTik router is now a DNS server.

设置防火墙丢弃DNS查询，避免白白为外部主机做DNS查询。

All MikroTik IP addresses can now be used as a DNS server IP including WAN IP which is a public IP and problem will arise here. If anyone outside of your LAN use your WAN IP as a DNS IP, your MikroTik will be happy by serving him/her DNS solution consuming your paid bandwidth. So, for stopping DNS request from outside of your LAN, you should apply a firewall rule that will drop all DNS requests coming from your WAN interface (in this article, ether1). For this, go to IP > Firewall menu and click on add new button (PLUS Sign). New Firewall Rule window will appear now. Under General tab, choose

Chain: input,
Protocol: udp,
Dst. Port: 53 
In.Interface: ether1.

from Action Tab

Action: drop

and click Apply and OK button.

Create another similar rule for TCP connection.

Click on add new button (PLUS Sign) again and choose

Chain: input, 
Protocol: tcp, 
Dst.Port: 53 and 
In. Interface: ether1 
Action: drop under Action tab

and click Apply and OK button. Now your MikroTik DNS server is safe from outside of your LAN.

设置默认网关。 Go to IP > Routes menu for setting Gateway. From Route list window, click on add new button (PLUS). New Route window will appear now. Put your gateway address that you have got from your ISP in Gateway input field and click Apply and OK button. MikroTik default gateway will be assigned now.

Now you have to create NAT rule so that your LAN user can access internet through your router. For this, go to IP > Firewall menu and click on NAT tab. Now click on add new button (PLUS Sign). New NAT Rule window will appear. Choose

Chain: srcnat 
Address: 172.16.0.0/16

under General tab and choose

Action: masquerade

from Action tab and then click Apply and OK button. Note that we are using all Class B IP blocks for masquerading because all our LAN IP block will be within this block.

Step 2. IP Pool Configuration IP池配置

We will now create three IP Pools because we assume that we have three offered packages and our user will get different IP block IP according to their package purchase. So, follow below steps to create IP Pools in your MikroTik router.

Go to IP > Pool menu and click on add new button (PLUS Sign). New IP Pool window will appear now. Put

Name: 512kbps_Pool and0 
Addresses: 172.16.0.2-172.16.0.254

in New IP Pool window and click Apply and OK button. So when a user will purchase a 512kbps connection, he will get an IP from this IP address range. Note that address range excludes the first IP because it will be used as a Gateway address.

Similarly, create another two new IP Pool named as 1Mbps_Pool and 2Mbps_Pool and Address range will be 172.16.1.2-172.16.1.254 and 172.16.2.2-172.16.2.254 accordingly.

Step 3. PPPoE Server Configuration

Click on PPP menu item from left menu. PPP window will appear now.
Click on PLUS SIGN and choose PPPoE Server. If you want, you can change your interface name or keep it default. Click Apply and OK button.
Now click on PPPoE Servers tab and then click add new button (PLUS Sign). New PPPoE Service window will appear now. In this window, put your PPPoE server name as you like in
```
 Service Name：ISP_PPPoE_Server
```

Now choose your LAN interface where PPPoE server will be created from

Interface drop-down menu：ether1

If you create bridge interface, your bridge interface will be available in this list. So, choose bridge interface if you want to create PPPoE server in your bridge interface.

Click on :

One Session Per Host :checked

else multiple host can be connected with the same username and password.Obviously, you don’t want it.

At the bottom of this window, you can see there are 4 authentication methods. Here only select PAP, and unselect all others.

PAP :checked

Now click Apply and OK PPPoE server configuration in MikroTik router has been completed. Now we’ll create three profiles from where our clients will get IP address.

Step 4. PPP Profile Configuration

配置PPP概要，以便客户可以获得它的IPadress。

Now we will create there profiles those will be used by our clients for getting IP addresses. Follow below steps to create PPP profile in MikroTik router.

Open PPP window by clicking PPP menu from MikroTik menu bar and then click on Profiles tab. You will see already two default profiles are created by MikroTik. We will do nothing these default profiles. We will create three new profiles here. For this, click on add new button (PLUS Sign). New PPP Profile window will appear now.

In New PPP Profile window, put your profile name as you want in Name For simplicity,

Name:512kbps_Connection. 
Local Address: 172.16.0.1 
Remote Address :512kbps_Pool 
DNS Server:172.16.0.1
           8.8.8.8

Note that Local Address is the gateway address of this IP block which not included in 512kbps_Pool. So, when a 512kbps user will connect to this profile, he/she will get an IP from 512kbps_Pool and his gateway will be 172.16.0.1 that means this IP is one of the MikroTik IPs.

At the bottom of this window, put MikroTik IP that you have used for Local Address (for this profile: 172.16.0.1) as DNS Server because we have turned our MikroTik router as a DNS server. Optionally, you can put another DNS server IP that you have got from your ISP or Google’s public DNS 8.8.8.8 by clicking add new value button located after DNS Server input box.

Now click Apply and OK button.

Similarly, create another two profiles for 1Mbps connection and 2Mbps connection. In this case, put 172.16.1.1 and 172.16.2.1 as Local Address and choose 1Mbps_Pool and 2Mbps_Pool for Remote Address

Step 5. PPP Secret Configuration

Now we will create secret that means username and password of a client by which he/she will be connected to our network.

Open PPP window and click on Secrets New PPP Secret window will appear now. Put the username of any client in the Name input box and put password in Password input box.

username:__
password:__
Service:pppoe  |l2tp|ovpn|pppoe|pptp|sstp
Profile:512kbps_Connection
Caller ID:MAC

Note that username and password are necessary when any client will be connected from his workstation (PC, Laptop, Router and so on). Also, it is case-sensitive. So, be careful to put these field.

Now choose Service: pppoe from Service drop-down list and choose profile for this user from Profile drop-down list. If this user purchase a 512kbps connection, choose 512kbps_Connection profile or choose the option according to the connection type of this user.

Optionally, you can bind any device with this username and password by providing MAC address. For this, put MAC address of any device in Caller ID input box. If you put MAC address of any device in Caller ID, only this device can be connected with this secret (username and password).

Do the above steps for all your clients and provide him/her username and password to connect to your PPPoE server.

PPPoE Client Configuration

We have completely configured a PPPoE service in MikroTik router. Now your MikroTik is ready to accept PPPoE client.

A number of PPPoE clients are present now a day. Among them, now I’ll show you how to configure PPPoE client in windows 7 operating system.

Microsoft PC dialer is used to connect remote PPPoE server in window 7 to get access to the internet. So, you have to configure Microsoft PC dialer in windows 7 PC to get access to the internet through your MikroTik router. Follow my bellow steps to create PPPoE connection in windows 7 with built in PPPoE wizard.

Open Network and Sharing Center from Control Panel.
Now click on Setup a new connection or network link under Change your networking settings area. Set Up a Connection or Network window will appear.
In this window, click on Connect to the internet option and click the Next Connect to the Internet window will appear.
Click on Broadband (PPPoE) option from this window and put

username:___ password:___ connection name:___

that you have created in PPP secret configuration step in User name and Password input field accordingly. Optionally, you can change connection name in Connection name input field and you can also click on Remember this password option otherwise you have to provide password every time you start your PC.

Now click on Connect If you provide correct username and password, The connection to the Internet is ready to use message will be shown. Now click on Close button. A dialer will be created in your windows 7 PC and you can enter your credential anytime to connect Internet with this dialer.