list Archives - NETRAVNEN BLOGGING

⚠ Information in this post is outdated since the launch of PIA’s ‘Next-Gen’ VPN network in 2020, sunsetting the then-existing set-up ⚠

First create a vpn profile to use when creating l2tp/pptp connections
to privateinternetaccess.

/ppp profile add change-tcp-mss=yes \
comment="PIA VPN" \
dns-server=209.222.18.222,209.222.18.218 \
name=privateinternetaccess only-one=no \
use-compression=no use-encryption=required \
use-ipv6=no use-mpls=no use-upnp=no

Create the l2tp interface

/interface l2tp-client add \
comment="PIA VPN Netherlands" \
connect-to=nl.privateinternetaccess.com \
disabled=no name=pia-de-l2tp \
profile=privateinternetaccess \
user=[l2tp-username] \
password=[l2tp-password]

[l2tp-username] Your PIA username for l2tp/pptp/socks connections beginning with ‘x’ (not ‘p’!)
[l2tp-password] Your PIA password for l2tp/pptp/socks connections

Create a firewall mangle rule to mark IPv4 traffic we want to
go through the VPN.

/ip firewall mangle add \
action=mark-routing \
chain=prerouting \
comment="PIA VPN Netherlands" \
new-routing-mark="PPTP RM" \
passthrough=yes \
src-address=[ip-range-to-forward-through-vpn]

[ip-range-to-forward-through-vpn]

Fx. 192.168.1.0/24 or 192.168.1.2-192.168.1.254

Create the NAT rule and tell it to use the VPN interface.

/ip firewall nat add \
action=masquerade chain=srcnat \
comment="PIA VPN Netherlands" \
out-interface=pia-de-l2tp

Create a corresponding default route to match the previous NAT
rule. Which only get used when IPv4 traffic has been marked with
‘PPTP RM’.

/ip route add \
comment="PIA VPN Netherlands" \
disabled=yes distance=1 \
gateway=pia-de-l2tp routing-mark="PPTP RM"

Now you should see traffic from clients in the IPv4 range
of [ip-range-to-forward-through-vpn] go through the VPN.

NB: If you want to use another country apart from Netherlands. Check out Private Internet Access list of locations here: PIA VPN Tunnel Network

The list is still subject to updates and changes  from time to time.
Last updated: 20170121.

Acronym	Definition	Comment
Acronym	Definition	Comment
6PE	IPv6 Provider Edge Router
6VPE	IPv6 Virtual Private Network Provider Edge Router
ABC	Abstract Base Class
ACE	Access Control Entry
ACID	Atomicity, Consistency, Isolation, and Durability
ACL	Access Control List
ACPI	Advanced Configuration and Power Interface
ADO	ActiveX® Data Objects
ADSI	Active Directory Service Interfaces
AF	Address Family
AFI	Address Family Identifier
AIC	Application Integration Component
ANSI	American National Standards Institute
ANSI SQL	American National Standards Institute Structured Query Language
API	Application Programming Interface
APM	Advanced Power Management
APPC	Advanced Program-to-Program Communication
ARP	Address Resolution Protocol
ASA	Adaptive Security Applicance	Cisco
ASAv	Adaptive Security Virtual Applicance	Cisco
ASCII	American Standard Code for Information Interchange
ASP	Active Server Pages
ASR	Aggregation Service Routers	Cisco
ATL	ActiveX® Library Template
ATM	Asynchronous Transfer Mode
AXFR	Asynchronous Full Transfer Zone
BASH	Bourne Again Shell
BDC	Backup Domain Controller
BDM	Business Development Manager
BFD	Bidirectional Forwarding Detection
BGP	Border Gateway Protocol
BINL	Boot Information Negotiation Layer
BIOS	Basic Input/Output System
BLOB	Binary Large Object
BSD	Berkeley Software Distribution
CA	Certification Authority
CAL	Client Access License
CDFS	Compact Disk File System
CE	Customer Edge Router
CICS	Customer Interface Control System
CIFS	Common Internet File System
CIM	1. Common Information Model 2. Computer Information Model
CIP	Commerce Interchange Pipeline
CLB	Component Load Balancing
CLSID	Class Identifier
CMOS	Complementary Metal Oxide Semiconductor
COFF	Common Object File Format
COM	Component Object Model
COMAdmin	Component Services Administration
CoPP
CORBA	Common Object Request Broker Architecture
CPE	Customer Premise Equipment
CRM	Compensating Resource Manager
CSMI	CICS Mirror Transaction
CSR	Cloud Services Router	Cisco
CSR-X	Carrier Routing System	Cisco
cSRX		Juniper
CTM	Coordinating Transaction Manager
DACL	Discretionary Access Control List
DB	Database
DBG	Debug Format
DBMS	Database Management System
DCOM	Distributed Component Object Mode
DDF	1. Distributed Database Facility 2. Data Decryption Field
DDL	Data Definition Language
DDM/DRDA	Distributed Data Management / Distributed Relational Data Access
DDNS	Dynamic Domain Name Service
DFS	Distributed File System
DHCP	Dynamic Host Configuration Protocol
DHTML	Dynamic HTML
DLL	Dynamic-link Library
DMI	Desktop Management Interface
DML	Data Manipulation/Modification Language
DMTF	1. Distributed Management Task Force 2. Desktop Management Task Force
DNA	Distributed InterNet Applications
DNS	Domain Name System
DPA	Demand Protocol Architecture
DPL	Distributed Program Link
DRF	Data Recovery Field
DSA	Directory System Agent
DSN	1. Data Source Name 2. Domain Server Name
DTC	Distributed Transaction Coordinator
DTD	Document Type Definition
DTS	Data Transformation Services
DVD	Digital Video (or Versatile) Disk
EAP	1. Extensible Authentication Protocol 2. Early Adopter Program
ECMA	European Computer Manufacturing Association
EDI	Electronic Data Interchange
EFD	Early Fast Discard
EFS	Encrypting File System (Windows 2000)
EGP	Exterior Gateway Protocol
EHLLAPI	Extended HLLAPI
EIGRP	Enhanced Interior Gateway Routing Protocol
ELSA	Electronic Library Services and Applications
EPN
ERP	Enterprise Resource Planning
EX		Juniper
EXE	Executable File
FAT	File Allocation Table
FEK	File Encryption Key
FPNW	File and Print Services for NetWare
FQDN	Fully Qualified Domain Name
FIB	Forward Information Base
FTP	File Transfer Protocol
GC	Global Catalog
GDB	GNU Debugger
GINA	Graphical Identification and Authentication
GIT	Global Interface Table
GPE	Group Policy Editor
GPL	General Public License
GPO	Group Policy Object
GRE	Generic Routing Encapsulation
GSNW	Gateway Services for NetWare
GSSC	Global Solutions Support Center
GTM	Go to Market
GUI	Graphic User Interface
HA	High Availability
HAL	Hardware Abstraction Layer
HCL	Hardware Compatibility List
HIP	High Impact Project
HKCU	HKey_Current_User
HKLM	HKey_Local_Machine
HLLAPI	High Level Language Application Programming Interface
HSM	Hierarchical Storage Management
HTML	Hypertext Markup Language
HTTP	Hypertext Transfer Protocol
IANA	Internet Assigned Numbers Authority
IDE	1. Integrated Development Environment 2. Integrated Drive Electronics
IDL	1. Interface Description Language 2. Interface Definition Language
IDOC	Intermediate Document
IEAK	Internet Explorer Administrator Kit
IETF	Internet Engineering Task Force
IGP	Interior Gateway Protocol
IID	Interface Identifier
IIS	Internet Information Services (Internet Information Server)
IME	Input Method Editor
IMIX
IMS	Information Management System
IOS		Cisco
IOS XE		Cisco
IOS XR		Cisco
IOS XRv		Cisco
IOS XRv 9000		Cisco
IP	1. Internet Protocol 2. Intellectual Property
IPC	Interprocess Communication
IPFIX
IPSec	Internet Protocol Security
IPX	Internetwork Packet eXchange
IPv4	Internet Protocol Version 4
IPv6	Internet Protocol Version 6
IrDA	Infrared Data Association
ISAM	Indexed Sequential Access Method
ISIS	Intermediate System to Intermediate System	Juniper
ISO	International Organization for Standardization
ISV	Independent Software Vendor
ITIL	Information Technology Infrastructure Library
ITS	Incompatible Time-Sharing System
IXFR	Incremental Transfer
IXP	Internet Exchange Point
JDBC	Java Data Base Connectivity
JIT	Just-in-Time
JMS	Java Message Service
JNDI	Java Naming and Directory Interface
JRMI	Java Remote Method Invocation
JTAC	Juniper Technical Assistance Center	Juniper
JTS	Java Transaction Service
JUNOS	Junos Network Operating System	Juniper
KCC	Knowledge Consistency Checker
KDC	Key Distribution Center
KVM	Kernel-based Virtual Machine
L2TP	Layer 2 Tunneling Protocol
L2VPN	Layer-2 Virtual Private Network
L3VPN	Layer-3 Virtual Private Network
LAN	Local Area Network
LCE	Loosely Coupled Events
LDAP	Lightweight Directory Access Protocol
LDP	Label Distribution Protocol
LISP	List Processor
LORG	Large Organization
LPTS	Local Packet Transport Services
LSA	Local Security Authority
LU	Logical Unit
LXC	Linux Containers
MAC	Media Access Control
MDAC	Microsoft Data Access Components
MFI	Multiprotocol Label Switching Forwarding Infrastructure
MGBL
MICR	Magnetic Ink Character Recognition
MIME	Multipurpose Internet Mail Extensions
MLV	Multilanguage Version
MMC	Microsoft Management Console
MOF	Managed Object Format
MOM	Microsoft Operations Manager
MORG	Medium-sized Organization
MP-BGP	Multiprotocol Extensions for Border Gateway Protocol
MPLS	Multiprotocol Label Switching
MQS	Message Queue Series
MRO	Maintenance Repair and Operations
MSCS	Microsoft Cluster Service
MSDE	1. Microsoft Data Engine 2. Microsoft SQL Server 2000 Desktop Engine
MSF	Microsoft Solutions Framework
MSI	Microsoft Windows Installer
MSMQ	Message Queuing
MSP	1. Managed Service Provider 2. Messaging Service Provider 3. Message Security Protocol
MTA	Multi-threaded Architecture
MTS	1. Microsoft Transaction Server 2. Microsoft Technical Support
MVS	Multiple Virtual System
NAL	NetWare Applications Launcher
NAV	Net Asset Value
NCP	1. Network Control Program 2. Network Control Protocol 3. NetWare Core Protocol
NCS
NDIS	Network Driver Interface Specification
NDPS	Novell Distributed Print Services
NDS	NetWare Directory Service
NFS	Network File System
NFV	Network Forward Virtualization
NGF	Next Generation Firewall
NIC	1. Network Interface Card 2. Network Adapter 3. Network Information Center
NIS	Network Information Service
NLB	Network Load Balancing
NLS	National Language Support
NNTP	Network News Transport Protocol
NTLM	NT LAN-Manager
NTP	Network Time Protocol
NTW	New Technology Workstation
NVT	Network Virtual Terminal
OCR	Optical Character Recognition
OCX	1. OLE Custom Control 2. OLE Control Extension
ODBC	Open Database Connectivity
OLAP	Online Analytical Processing
OLTP	Online Transaction Processing
OMG	Object Management Group
OO	Object Oriented
OOAD	Object Oriented Analysis and Design
OPP	Order Processing Pipeline
ORB	Object Request Broker
OS	Operating System
OSPF	Open Shortest Path First
OSTA	Optical Storage Technology Association
OTM	Object Transaction Middleware
PAC	Privilege Attribute Certificate
PCL	Printer Control Language
PCMCIA	Personal Computer Memory Card International Association
PDC	Primary Domain Controller
PE	Provider Edge
PEC	Primary Enterprise Controller
PG	Product Group
PIE
PK	Primary Key
PKI	Public Key Infrastructure
PMI	Project Management Institute
PnP	Plug and Play
POS	1. Programmable Option Select 2. Point of Sale 3. Point of Service 4. Packet Over Sonet 5. Persistent Object Server
POSIX	Portable Operating System Interface
PPP	Point-to-Point Protocol
PPTP	Point to Point Tunneling Protocol
PSS	Product Support Services
PTM	Participating Transaction Manager
PTR	Point-in-Time Repair
PXE	Pre-boot Execution Environment
QCE	Quality Customer Experience
QEMU	Quick Emulator
QFE	Quick Fix Engineering
QoS	Quality of Service
QvPC	QNAP virtualized Personal Computer
OTT	Over-The-Top
RADIUS	Remote Authentication Dial-In User Service
RAID	Redundant Array of Independent Disks
RAS	Remote Access Services
RD	Route Distinguisher
RDO	Remote Data Object
RDP	1. Remote Display (or Desktop) Protocol 2. Reliable Datagram Protocol
RDS	Remote Data Services
RFC	Request for Comment
RIB	Routing Information Base
RID	1. Relative Identifier 2. Record ID
RIP	Routing Information Protocol
RIS	Remote Installation Services
RM	Resource Manager
ROLAP	Relational Online Analytical Processing
RPC	Remote Procedure Call
RPM
RR	1. Resource Records 2. Route Reflector
RSM	Removable Storage Management
RSS	Remote Storage
RT	Route Target
RTL	Register Transfer Language
RUP	Roaming User Profile
SACL	System Access-Control List
SAM	Security Accounts Manager
SAN	Storage Area Network
SAS	1. Secure Attention Sequence 2. Serial Attached SCSI
SCA	Security Configuration and Analysis
SCE	Security Configuration Editor
SCM	1. Service Control Manager 2. Security Control Monitor
SCSI	Small Computer System Interface
SCTS	Security Configuration Toolset
SD	Security Descriptor
SDI	1. Secure Dial-In 2. Single Document Interface 3. Smart Database Interface
SDK	Software Development Kit
SDN	Software Defined Networking
SFU	Windows Services for UNIX
SI	System Integrator
SID	Security Identifier
SIS	Single Instance Store
SMB	Server Message Block
SMS	Systems Management Server
SMTP	Simple Mail Transfer Protocol
SMU
SNA	Systems Network Architecture
SNMP	Simple Network Management Protocol
SP	Stored Procedure
SPM	Shared Property Manager
SR	Secure Router	Cisco
SRM	Security Reference Monitor
SRX		Juniper
SSD	Solid State Disk
SSL	Secure Socket Layer
SSO	Single Sign-on
SSPI	Security Support Provider Interface
SVID	System V Interface Definition
SAA	System Application Architecture
TAC	Technical Assistance Center	Cisco
TCE	Tightly Coupled Events System
TCO	Total Cost of Ownership
TCP/IP	Transmission Control Protocol/Internet Protocol
TCT	Terminal Control Table
TFTP	Trivial File Transfer Protocol
TGS	Ticket-Granting Service
TGT	1. Transaction Group Type 2. Ticket Granting Ticket 3. Target Tracker
TIP	Transaction Internet Protocol
TLB	Type Library
TLS	Thread Local Storage
TM	Transaction Manager
TP	Transaction Program
TPD	Transactions Per Day
TPH	Transactions Per Hour
TPM	Transactions Per Minute
TPS	Transactions Per Second
TSA	Target Service Agent
TTL	Time to Live
UCS	1. User Coordinate System 2. Universal Character Set 3. Unicode Conversion Support 4. Unified Communication Server
UDF	1. Universal Disk Format 2. User-defined function 3. Uniqueness Database File
UDP	User Datagram Protocol
UI	User Interface
UML	1. Unified Modeling Language 2. Universal Markup Language
UNC	Universal Naming Convention
UPN	User Principal Name
URL	Uniform Resource Locator
uRPF
USB	Universal Serial Bus
USMT	User State Migration Tool
USN	Update Sequence Numbers
UTF	Unicode Transformation Format
VAN	Value Added Network
vCenter		VMware
vCPE	Virtual Customer Premise Equipment
vESA		Cisco
VM	Virtual Machine
vNAM		Cisco
VNF
vPE	Virtual Provider Edge
VPN	Virtual Private Network
VRF	Virtual Private Network Routing and Forwarding Instance
vRR	Virtualized Route Reflector
VRRP
vSphere		VMware
vSRX		Juniper
vWLC
vWSA
vWAAS
VxD	Virtual Device Driver
WAN	Wide Area Network
WBEM	Web-based Enterprise Management
WDM	Win32 Driver Model
WFP	Windows File Protection
WHQL	Windows Hardware Quality Lab
WINS	Windows Internet Name Service
WMI	Windows Management Instrumentation
WQL	WMI Query Language
WRED
WSH	Windows Script Host
XA	Extended Architecture
XDR	External Data Representation
XML	Extensible Markup Language
XML TI	XML Transaction Integration
XSL	Extensible Style Language
XSLT	Extensible Stylesheet Language Transformations
Yang
ZAW	Zero Administration for Windows

Sources (amongst each other):

Networks relevant for AS112 project

Links

MikroTik Forum

Blocklists

Github