Step by Step: How to configure a PPTP VPN Client on Mikrotik RouterOS


Last time I wrote how to configure a PPTP VPN Server on Mikrotik RouterOS

Today I will show you how to configure a PPTP VPN Client on Mikrotik RouterOS.

Before we start I will try to explain what I want to do…

My home network: - Private - Public

Remote location:

I would like to establish a VPN connection to the remote location on my Mikrotik router and allow computers (only!) from my private subnet to access computers on the remote location.

This tutorial will explain you how I did this. Here is a simple step by step tutorial with images and all information that you need to get PPTP VPN Client working…

Step 1: Create PPTP Client

Noting special on this step, so I think that the image is enough :)

slika 1

Step 2: Configure PPTP Client

After you created the PPTP Client you will need to enter some basic information:

  1. VPN server hostname or IP
  2. VPN username and password

slika 2

then you need a name for the client…

slika 3

If you enter the correct information you are already connected to the VPN server

You can now double-click on pptp-client and see the status

slika 4


With the current configuration I can ping a remote computer from my Mikrotik:

[admin@MikroTik] > ping address= src-address= count=3 
HOST                                     SIZE TTL TIME  STATUS                                                         56 127 42ms                                56 127 44ms                                56 127 41ms 
    sent=3 received=3 packet-loss=0% min-rtt=41ms avg-rtt=42ms max-rtt=44ms

but I can’t ping the same computer from any other location (other computers connected to my Mikrotik…


Pinging with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.

Ping statistics for
    Packets: Sent = 3, Received = 0, Lost = 3 (100% loss)

to resolve this we need to add a NAT rule and one more route

Step 3: NAT configuration

[admin@MikroTik] > /ip firewall nat print

 1    ;;; pptp-client masquerade
      chain=srcnat action=masquerade src-address= 
      out-interface=pptp-client log=no log-prefix="" 


slika 5

src-address is used to allow only computers from my private subnet

slika 6

In simple words… With this we allowed other computers to use VPN client interface.

Step 4: Add new route

route #4 is automatically added with pptp-client.
We need to add route #3…
Again… in simple words… With this route we route all request from (router IP for private subnet) to remote subnet

[admin@MikroTik] > /ip route print 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 3 A S     pptp-client               1
 4 ADC   pptp-client               0

slika 7

Step 5: Finish

If you did all right, you now have access to the remote subnet from your private subnet.

A quick test…

Pinging with 32 bytes of data:
Reply from bytes=32 time=41ms TTL=126
Reply from bytes=32 time=41ms TTL=126
Reply from bytes=32 time=86ms TTL=126

Ping statistics for
Packets: Sent = 3, Received = 3, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 41ms, Maximum = 86ms, Average = 56ms

If you need any help or I did something wrong, leave a comment and I will try to do my best to help you.

(5) Comments

  • Arif Faheem
    06 Nov 2014


    There is requirement is to run the DATA & Internet on two computers at
    the same time on Mickrotik Router. Can you please confirm that is it possible on Microtik router?? Appreciate, if you can share step by step configuration for the same.
    LAN IP Pool (For Data) :
    IP Pool for Internet:
    WAN IP Pool:

    For Data connectivity we have already made GRE tunnel b/w branch & Head Office

    Tunnel Ip@ branch end router:
    Tunnel Ip@ HO router:
    Tunnel Destination:
    LAN IP Pool@HO:

  • prabin shrestha
    11 Jan 2018

    thank you very much. it helped me a lot

  • Martin Hlavicka
    27 Mar 2018

    Hello Uroš,
    Thank you very much for very comprehensive guide. But I can´t reproduce same as you.
    I´m able ping my remote router router to safe side, but others devices are not visible in remote network. Do you know, where should be the problem?
    Many thanks Martin

    • Uroš
      27 Mar 2018

      Hi Martin,

      maybe you need to setup something on your remote router? I’m not sure why is not working for you… maybe someone else here have some idea? :)


  • Ubaid Ali
    02 Sep 2020

    Can You please help me out to Create the L2TP server and client in Mikrotik Router.

Leave a Comment