PPPoE (Point to Point Protocol over Ethernet) is one of the exceptional services in MikroTik Router. It is often used as an extension of the standard Point to Point Protocol (PPP). The difference between them is expressed when data is being transmitted. PPPoE is Ethernet based, unlike serial modem connection. PPPoE is a client-server protocol that means PPPoE client (IP devices such as Desktop, Laptop, wireless Router etc.) will request for IP information to PPPoE server providing security information (username and password) and PPPoE server will provide IP information by matching that security information.
PPPoE services are very important for extensive user management, network management and accounting benefits to ISPs and network administrators. PPPoE is used mainly by ISPs to control client connections for xDSL and cable modems as well as plain Ethernet networks. PPPoE is now most popularly used in local ISP Company because local ISP user can so easily be maintained with this service. So, this in this tutorial we going to show how to maintain ISP clients by configuring and setting up a PPPoE server in MikroTik Router.
ISP Setup with PPPoE Configuration
As a system administrator of an ISP company, we take into considerations various offered bandwidth packages such as 512kbps connection, 1Mbps connection, 2Mbps connection and so on actually we don’t give the 512kbps, this because the end user will end up complaining and even disconnect from the service. In other for us to be on the safe side we always take out time to explain to our ccustomers the various packages and the anticipated number of users.
Now when a bandwidth like this is being offered users of these packages can so easily maintain with MikroTik PPPoE service.
So in this tutorial will take it step bit after another, for better understanding of the setup.
We will take a scenario where a MikroTik router WAN port (ether 1) is connected to internet and LAN port ether 2, where we will setup the PPPoE server will be connected to a distribution switch.
PPPoE end user such like : PC, Laptop, Tablet and Wireless Router, will be connected to the PPPoE server through this distribution switch.
This is the basic of mikrotik PPPoE.
But in this network if you want to use multiple Ethernet ports for your LAN, maybe because your building an enterprise network that will be pretty cool, but you have to create MikroTik Bridge virtual interface for accumulating multiple interfaces into a single interface and then configure PPPoE server in that virtual interface.
You will notice that there are two end setups and configurations for PPPoE service.
1. PPPoE server configuration in MikroTik Router
2. PPPoE client configuration
So for us to fully integrate a PPPoE service in our network, the first configuration we need to do is the PPPoE server in MikroTik router. and then will move to have to configure various PPPoE clients.
Generally here an Internet Service Providing company, we are offering different packages depending on bandwidth like I said. But I think that It is always better and common to maintain client bandwidth with MikroTik Queues service even you want to work like an expert in using PPPoE service. Specially I‘ll recommend you to use MikroTik PCQ service which I will explained in my coming tutorials about ISP bandwidth management with MikroTik PCQ to maintain your different bandwidth packages. Now we’ll use PPPoE server only for assigning different IP Block’s IP to different clients according to their bandwidth packages. For example, our proposed IP blocks for different bandwidth packages will be like below.
512kbps client will get 220.127.116.11/24 block IP
1Mbps client will get 18.104.22.168/24 block IP
2Mbps client will get 22.214.171.124/24 block IP
So, now we will configure our PPPoE server like that when a user purchase 512kbps connection, he/she will get a 126.96.36.199/24 block IP with his username and password. Similarly, when a user will purchase 1Mbps connection, he/she will get a 188.8.131.52/24 block IP and a 2Mbps user will get a 184.108.40.206/24 block IP.
we will start the setup by adopting the following steps
PPPoE server configuration
PPP profile configuration
PPP secrets (username and password) configuration
I. Basic Configuration.
Login to your winbox, go to IP > Addresses and then click on add new button (PLUS Sign). New Address window will appear now.
In this window, put your WAN address that you have got from ISP company in Address field and choose ether1 or your WAN interface that like from Interface drop-down menu and then click Apply and OK button. WAN address will be assigned successfully.
Again, click on add new button (PLUS Sign) and put your LAN address (in this article, I am using 220.127.116.11/24) in Address field and then choose your LAN interface from Interface drop-down menu. Now click Apply and OK button. LAN address will be assigned successfully.
Now go to IP > DNS menu. DNS Settings window will appear. In this window, put DNS server address that you have got from ISP Company or you can use Google’s public DNS IP (18.104.22.168) in Servers input box. You can put secondary DNS server IP by clicking add new value button located after the Servers input box. Optionally, you can turn your MikroTik router as a DNS server. Turning your MikroTik router as a DNS server is a better idea, I think. Because if you use public DNS server in your network, every DNS request of your user will consume your paid bandwidth. But if you turn MikroTik router as a DNS sever, your user will get DNS solution from MikroTik router without consuming your paid bandwidth. So, if you want to turn MikroTik as a DNS server, click the Allow Remote Requests check box and click Apply and OK button. Your MikroTik router is now a DNS server. All MikroTik IP addresses can now be used as a DNS server IP including WAN IP which is a public IP and problem will arise here. If anyone outside of your LAN uses your WAN IP as a DNS IP, your MikroTik will be happy by serving him/her DNS solution consuming your paid bandwidth. So, for stopping DNS request from outside of your LAN, you should apply a firewall rule that will drop all DNS requests coming from your WAN interface (in this article, ether1). For this, go to IP > Firewall menu and click on add new button (+ Sign). New Firewall Rule window will appear now. Under General tab, choose Chain: input, Protocol: udp, Dst. Port: 53 and In. Interface: ether1.
Now choose Action: drop from Action Tab and click Apply and OK button. Create another similar rule for TCP connection. Click on add new button (+ Sign) again and choose Chain: input, Protocol: tcp, Dst.Port: 53 and In. Interface: ether1 and then choose Action
drop under Action tab and click Apply and OK button. Now your MikroTik DNS server is safe from outside of your LAN.
Go to IP > Routes menu for setting Gateway. From Route list window, click on add new button (PLUS). New Route window will appear now. Put your gateway address that you have got from your ISP in Gateway input field and click Apply and OK button. MikroTik default gateway will be assigned now.
The next we will do it to create NAT rule so that your LAN user can access internet through your router. To do this, go to IP > Firewall menu and click on NAT tab.
Now click on add new button (PLUS Sign). Choose Chain: srcnat and Address: 22.214.171.124/16 under General tab and choose Action: masquerade from Action tab and then click OK button.
II. IP Pool Configuration.
In this setup and configuration, we are creating three IP Pools because we working t three offered packages and our user will get different IP block IP according to their package purchase.
Go to IP > Pool menu and click on add new button (PLUS Sign).
New IP Pool window will appear now. Put Name: 512kbps_Pool and Addresses: 126.96.36.199-188.8.131.52 in New IP Pool window and click Apply and OK button. When a user will purchase a 512kbps connection, they will get an IP from this IP address range. Note that address range excludes the first IP because it will be used as a Gateway address.
Similarly, create another two new IP Pool named as 1Mbps_Pool and 2Mbps_Pool and Address range will be 184.108.40.206-220.127.116.11 and 18.104.22.168-22.214.171.124 accordingly.
III. PPPoE Server Configuration
Now we have done the initial configurations, let us then configure our PPPoE server in MikroTik router which seems to be our first assignment.
Click on PPP menu item from left menu of the mikrotik winbox. PPP window will appear now. Click on red +SIGN and choose PPPoE Server. If you want, you can change your interface name or keep it default. Click on Apply and OK button.
Now click on PPPoE Servers tab and then click + Sign. New PPPoE Service window will appear now. In this window, put your PPPoE server name (techsfair.com server) depending on you.
Now choose your LAN interface where PPPoE server will be created from Interface drop-down menu, probably ether1.
If you create bridge interface, your bridge interface will be available in this list. So, choose bridge interface if you want to create PPPoE server in your bridge interface.
Click on One Session Per Host If you left it blank, multiple host/devices can be connected with the same username and password.
At the bottom of this window, you can see there are 4 authentication methods. Here only select PAP, and unselect all others. Now click Apply and OK.
IV. PPP Profile Configuration
Now we will create three profiles that will be used by our clients for getting IP addresses.
Open PPP window by clicking PPP menu from MikroTik menu bar and then click on Profiles tab.
click on add new button (PLUS Sign). New PPP Profile window will pop up.
In New PPP Profile window, put your profile name as you want in Name For simplicity, I am using 512kbps_Connection. Now put Local Address: 126.96.36.199 and choose 512kbps_Pool from Remote Address drop-down menu.
Note that Local Address is the gateway address of this IP block which not included in 512kbps_Pool. So, when a 512kbps user will connect to this profile, they will get an IP from 512kbps_Pool and his/her gateway will be 188.8.131.52 that means this IP is one of the MikroTik IPs.
At the bottom of this window, put MikroTik IP that you have used for Local Address (for this profile: 184.108.40.206) as DNS Server because we have turned our MikroTik router as a DNS server. Optionally, you can put another DNS server IP that you have got from your ISP or Google’s public DNS 220.127.116.11 by clicking add new value button located after DNS Server input box.
Now click Apply and OK button.
Similarly, create another two profiles for 1Mbps connection and 2Mbps connection. In this case, put 18.104.22.168 and 22.214.171.124 as Local Address and choose 1Mbps_Pool and 2Mbps_Pool for Remote Address.
V. PPP Secret Configuration
Now we will create means of authentication which is username and password of a client by which they will be connected to our network.
To do that we will click on PPP window and click on Secrets New PPP Secret window will appear now.
Put the username of any client in the Name input box and put password in Password input box. Note that username and password are necessary when any client will be connecting from their workstation phones, Tablets, PC, Laptop, wireless Router and so on).
The next thing Is for us to choose the type of service Bandwidth we are offering, to do that click on the pppoe from Service drop-down list and choose profile for this user from Profile drop-down list.
If the customer purchased a 512kbps connection, choose 512kbps_Connection profile or choose the option according to the connection type of this user.
So next in our tutorials we will check out how to set up PPPoE on the client side.