
# Setup OpenVPN Server and generate certs

#
# Change the variables below, then paste the whole script
# into a MikroTik terminal window.
#

## variables (edit before pasting)

# Certificate subject fields shared by the CA, server and client templates.
:global COUNTRY "ID"
:global STATE "Jawa Tengah"
:global LOC "Bawang"
:global ORG "Luwak Network"
:global OU "TKJ"
# RSA modulus size in bits, kept as a quoted string (key-size= accepts it).
# 2048 is the smallest size worth deploying today; larger keys are fine but
# make certificate signing, and hence the waits below, noticeably longer.
:global KEYSIZE "2048"
# The router identity doubles as the CA name and its common-name.
:global CN [/system identity get name]

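## functions

# Seconds to pause after a `sign` so signing has time to finish before the
# next step refers to the certificate; scales with key size (2048 -> 20 s).
# Globals are not visible inside a function body unless re-declared with
# :global here, and KEYSIZE is a string, so :tonum makes the arithmetic
# explicit instead of relying on implicit conversion.
:global waitSec do={
    :global KEYSIZE
    :return ([:tonum $KEYSIZE] * 10 / 1024)
}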

## generate a CA certificate

# Root of trust for this VPN. key-usage is limited to signing certificates
# and CRLs, so this key is never used for a TLS session itself. 10-year validity.
/certificate add name=ca-template common-name="$CN" key-size="$KEYSIZE" \
key-usage=crl-sign,key-cert-sign days-valid=3650 \
country="$COUNTRY" state="$STATE" locality="$LOC" organization="$ORG" unit="$OU"
# Self-sign and rename the entry to the router identity. ca-crl-host is
# written into issued certificates as the CRL location; 127.0.0.1 is loopback
# from a client's point of view, so clients will in practice not be able to
# fetch revocations from it — plan revocation handling on the router side.
/certificate sign ca-template ca-crl-host=127.0.0.1 name="$CN"
# Give the signing operation time to complete before the CA is referenced.
:delay [$waitSec]

## generate a server certificate

# Leaf certificate the OpenVPN server presents. tls-server lets clients
# distinguish a genuine server certificate from another client's certificate;
# digital-signature/key-encipherment cover the TLS handshake. Same 10-year
# lifetime as the CA — shorter is better for a leaf if re-issuing is easy.
/certificate add name=server-template common-name="server@$CN" key-size="$KEYSIZE" \
key-usage=digital-signature,key-encipherment,tls-server days-valid=3650 \
country="$COUNTRY" state="$STATE" locality="$LOC" organization="$ORG" unit="$OU"
# Issue it from the CA above (that entry was renamed to $CN when it was signed).
/certificate sign server-template ca="$CN" name="server@$CN"
:delay [$waitSec]

## create a client template

# Unsigned template for client certificates (key-usage=tls-client). It is not
# signed here: issue one certificate per client from it, with the
# common-name set per client and signed with ca="$CN", so that each client
# can be revoked individually instead of sharing a single identity.
/certificate add name=client-template common-name="client" key-size="$KEYSIZE" \
key-usage=tls-client days-valid=3650 \
country="$COUNTRY" state="$STATE" locality="$LOC" organization="$ORG" unit="$OU"

## create IP pool

# Addresses handed to connected clients. 192.168.242.1 is kept outside the
# range because the profile below uses it as the server-side address.
/ip pool add name=VPN-POOL ranges=192.168.242.128-192.168.242.224

## add VPN profile

# Per-connection settings: the server answers on 192.168.242.1 and pushes it
# as DNS, client addresses come from VPN-POOL, and PPP-level encryption is
# requested (use-encryption=yes).
/ppp profile add name=VPN-PROFILE local-address=192.168.242.1 \
remote-address=VPN-POOL dns-server=192.168.242.1 use-encryption=yes

## setup OpenVPN server

# Listens on port 1199 (OpenVPN's default is 1194; the firewall rule below
# must match) and presents server@$CN. require-client-certificate=yes makes
# the TLS mutual — keep it on, otherwise only PPP credentials stand between
# the internet and the tunnel. mode=ethernet bridges clients at layer 2;
# netmask=24 matches the 192.168.242.0/24 pool. auth=sha1 is the HMAC used
# on the data channel; prefer sha256 where this RouterOS release lists it as
# an `auth` option, and trim the cipher= list to what clients actually need.
/interface ovpn-server server set enabled=yes port=1199 mode=ethernet netmask=24 \
certificate="server@$CN" require-client-certificate=yes \
default-profile=VPN-PROFILE auth=sha1 cipher=aes128,aes192,aes256

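## add a firewall rule

# action=accept is RouterOS's default, but it is spelled out so the intent is
# visible when the rule set is audited. The rule is appended to the END of
# the input chain: if an existing drop/reject rule comes before it, move it
# above that rule (place-before=) or clients will never reach the server.
# protocol=tcp matches the OpenVPN server configured above; narrow the rule
# further with in-interface= or src-address= if the WAN side is known.
/ip firewall filter
add chain=input action=accept protocol=tcp dst-port=1199 comment="Allow OpenVPN"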
