Internet providers in many countries are forced to store all your created data for a certain time, and no one knows what exactly is saved actually and what really happens with it, e.g. if someone steals the data. One way to get securer internet access is to redirect your whole traffic via a reliable VPN provider.

IPVanish offers well-working VPN connections with many servers hosted in different countries. You also get software to get it running easily running under Windows, Kodi, Mac OS X, iOS, Android, Windows Phone, Ubuntu, with OpenVPN configs and routers in general.

In this tutorial, I will explain how the connection can be established for all (or certain) devices in your LAN using a Mikrotik Routerboard with RouterOS.

Procedure

Register an IPVanish account.

You will receive user and password afterwards. You also have access to a long list of servers available, choose one of them.

Start Mikrotik WinBox and open “PPP” and add a new “PPTP Client” interface.

Open the “Dial Out” tab and enter

• the VPN host you choose (DNS or IP of it)
• User and password you got via email

 

Open IP -> Firewall -> NAT.

Add a new rule:

• Chain: srcnat
• Out. Interface: ipvanish
• Action: Masquerade

 

Open Mangle tab and create a new entry:

• Chain: prerouting
• Src. Address: (your local IP or IP range you want the VPN use for)
• Action: Mark routing
• New Routing Mark: ipvanish

You can create multiple mangle rules for several local IP addresses or ranges.

 

Open IP -> Routes.

Add a new route:

• Gateway: ipvanish
• Routing Mark: ipvanish

 

Check your DNS entries under IP -> DNS (and in the Static area), you should have at least one or two DNS servers, like a local one or Google DNS servers (8.8.8.8 and 8.8.4.4).

Other tutorials recommend enabling “Allow Remote Requests” checkbox. I left it disabled and it also works fine.

 

Check if your IPVanish interface is up and running:

If it shows an error, check your logs, especially your DNS, host, user and password.

 

Reference