This is quick howto based on wiki, however this is more common case, where we have WAN on one port, then bridge that contains all the other LAN ports bridged with WLAN and it is NATed to the WAN. We are using the same subnet for the remote connection as per the server. The hint is not to forget to enable proxy-arp on the bridge once the connection is established, otherwise the access inside the NATed network won't be possible.
WAN IP: WAN_IP (put your one here)
LAN IP network 192.168.90.0/24
Server LAN IP address: 192.168.90.254
On the servers side:
Just to make sure NAT is running for the internal network:
/ip firelewall nat
add action=masquerade chain=srcnat disabled=no out-interface=WAN src-address=192.168.90.0/24 to-addresses=0.0.0.0
/interface pptp-server
server set enabled=yes
Setup PPTP profile, secret and interface:
/ppp profile
add change-tcp-mss=yes local-address=192.168.90.254 name=profile2 only-one=default
remote-address=pptp use-compression=default use-encryption=yes use-mpls=default
use-vj-compression=default
/ppp secret
add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=ppp2 password=passwd
profile=profile2 routes="" service=pptp
/interface pptp-server
add disabled=no name=pptp-server user=ppp2
Setup pool for the remote addresses to be assigned:
/ip pool
add name=pptp ranges=192.168.90.2-192.168.90.29
Enable proxy-arp:
/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=proxy-arp auto-mac=yes disabled=no
forward-delay=15s l2mtu=1598 max-message-age=20s mtu=1500 name=bridge1 priority=0x8000
protocol-mode=rstp transmit-hold-count=6
Client's side:
Setup pptp client connection details:
/interface pptp-client
add add-default-route=no allow=pap,chap,mschap1,mschap2 comment="VPN" connect-to=WAN_IP dial-on-demand=no disabled=no max-mru=1460 max-mtu=1460 mrru=disabled name=pptp-office password=password profile=default-encryption user=ppp2
Add proper route with the distance
/ip route
add disabled=no distance=1 dst-address=192.168.90.0/24 gateway=pptp-office scope=30 target-scope=10