Servidor OpenVpn Mikrotik

Leave a comment

Creamos el certificado

/certificate
add name=ca-template common-name=catest days-valid=3650 key-size=2048 key-usage=crl-sign,key-cert-sign


add name=server-template common-name=test days-valid=3650 key-size=2048 key-usage=digital-signature,key-encipherment,tls-server


add name=client-template common-name=client days-valid=3650 key-size=2048 key-usage=tls-client

Firmamos

/certificate
sign ca-template name=ca-certificate


sign server-template name=server-certificate ca=ca-certificate


sign client-template name=client-certificate ca=ca-certificate

Exportamos

/certificate
export-certificate ca-certificate export-passphrase=»»


export-certificate client-certificate export-passphrase=12345678

Creamos el Pool

/ip
pool add name=»vpn-pool» ranges=192.168.8.10-192.168.8.99

Creamos perfil de usuarios

/ppp
profile add name=»vpn-profile» use-encryption=yes local-address=192.168.8.250 dns- server=192.168.8.250 remote-address=vpn-pool


secret add name=user profile=vpn-profile password=password

Arrancamos

/interface ovpn-server server
set default-profile=vpn-profile certificate=server-certificate require-client-certificate=yes auth=sha1 cipher=aes128,aes192,aes256 enabled=yes

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>