MikroTik Config: cAP Lite Wifi Router w/L2TP VPN & Guest Wifi

MikroTik Config: cAP Lite Wifi Router w/L2TP VPN & Guest Wifi

This is an example configuration file for the MikroTik cAP Lite.  The cAP Lite is a tiny access point device w/ full RouterOS router functionality.  The router features 1 10/100 ethernet interface and can be powered with 5V MicroUSB or any PoE inject 10-60V.

cAP lite Config Diagram – Click to Enlarge

Config Features

  • Wired WAN
  • Wifi LAN
  • Firewall/NAT
  • Isolated Guest Wifi Network
  • L2TP over IPSec Remote Access VPN

Configuration File Home AP+Router w/L2TP VPN & Guest Wifi

Download this File cap-lite-example-config.rsc

Customize Before Use

Before you use the above configuration in your router you will want to change the WiFi SSIDs, Wireless Password, L2TP Shared Secret, PPP username/password.

  • Line 10: Wireless SSID
  • Line 29: Guest Wireless SSID
  • Line 20-21: Wireless Password
  • Line 24-25: Guest Wireless Password
  • Line 54: IPSec Secret (PreShared Key)
  • Line 85: VPN username & password

Configuration Details

  • WAN Interface: ether1 (IP:DHCP Assigned)
  • LAN Interface: bridge (IP:
  • Wifi Interface: wlan1 (SSID: Mikrotik)
  • Guest Wifi Interface: wlan2 (SSID: Mikrotik-Guest)
  • LAN Subnet:
  • DHCP Pool:
  • VPN Pool:


cAP Lite Model Number: RBcAPL-2nD

What’s Next? Checkout my other MikroTik Tutorials!

NetScout LinkRunner G2

LinkRunner G2 is the ultimate network cable test tool

CAT5 Cable Tester, Measure Cable Length,
PoE Voltage, Network Connectivity, Switch Port ID
Optional Wireless & Fiber Optics Modules
Check Price on Amazon

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.