The pneumonia of 2019 is not over yet. Today is the first day of remote resumption of work. A few days ago, I introduced a plan of global connection back to the company network. However, someone secretly told me that the company is not ready to set up VPN for temporary office. Most companies’ temporary solution is to use TeamViewer software to implement remote connection solution. This kind of scheme is basically not directly connected, they all need to go to the third party company to go around and then connect, the first time will be stuck, especially in the case of multiple people in the same company, more importantly, it is not safe to say after going around. Is there another solution?

We can reverse VPN, that is, set up VPN server from home, dial from the company to home. Of course, it is also relatively necessary to have a public IP address at home. If you use the broadband of the three major operators but do not have a public IP address at present, you can send me a private message. This tutorial is a series of Routeros tutorials, so you need to have at least one Routeros router.

Route to the PC

This method is suitable for connecting to only one machine in the company, and is more suitable for not connecting to other machines in the company. First let’s set up the Home side.

[admin@Home] / PPP secret> add name=Home service= L2TP password=123 local-address=172.16.1.1 [admin@Home] /interface l2tp-server server> set enabled=yesCopy the code

The desktop in the office is relatively simple. You can dial up using the built-in L2TP mode of the system. The screenshot shows an example of windows10 configuration. After successful dial-up, use 172.16.1.2 on the home side to connect to the company PC

Router to router

This is a good way to connect to other internal servers in addition to the company’s desktop.

The Home setup is the same as above. Let’s set up the router at Offcie.

// Add a dial-up client on the corporate end [admin@Office] /interface l2tp-client> add user=Home password=123 connect-to= homeserver. IP disabled=noCopy the code

After successful dial-up, the home PC can access the company’s host. To continue to access the company’s entire network, you need to add router and NAT

// Add the route [admin@Home] / IP route> add dst-address=10.1.0.0/16 gateway=172.16.1.2 // Add NAT [admin@Home] / IP firewall nat> add action=masquerade chain=srcnat comment=comp-ppp out-interface=<l2tp-Home>Copy the code

Working from home now allows normal access to the company’s internal network.

other

I heard the word SOHO(Small Office, Home Office) when I got in touch with the Internet in 2000. At that time, I thought it was new and always longed for it. Unexpectedly, the Spring Festival 20 years later, due to an epidemic, Internet companies across the country have realized a state of telecommuting from home. Apart from the epidemic, do you like the state of SOHO?

If you feel the content of the article is more practical, please pay attention to the public account: