Which command enables an L2TP/IPsec VPN server for remote clients on MikroTik?

• A. /interface l2tp-server server set enabled=yes use-ipsec=yes ipsec-secret=yoursecret; create PPP secrets and an IP pool for clients if required
• B. /interface l2tp-server server set enabled=yes use-ipsec=yes ipsec-secret=yoursecret
• C. /interface l2tp-server server set enabled=no
• D. /interface l2tp-server server set enabled=yes use-ipsec=no

Answer: (A)

To let remote clients connect via L2TP over IPsec, you must turn the L2TP server on and require IPsec protection with a shared secret. The command that does this enables the L2TP server, activates IPsec for it, and sets the IPsec secret that clients will use to authenticate the tunnel. This combination is what allows remote clients to establish a VPN session securely. After enabling, you’ll typically add per-user PPP secrets for authentication and an IP pool so connected clients receive an address; without user credentials there’s no way to log in, and without an address pool there’s nowhere to assign an IP to the client. Choices that leave the server disabled, or that don’t enable IPsec, won’t provide the intended secure L2TP/IPsec setup.