gilangvperdana/README.md

## README.md

      
    Raw
  

              README.md
            
          
    Mikrotik OpenVPN Client

If you want to make your Mikrotik to be OpenVPN Client you can follow this guide.
Goals


Can remote mikrotik from Pritunl VPN Server Endpoint

Environment


Mikrotik
Pritunl Server

Execution


Install Pritunl. Here.
Create TCP Server with TLS Auth & lzo compression disable

## Stop server
mongo pritunl
db.servers.update({"name" : "mikrotik"}, {$set: { "tls_auth" : false}})
db.servers.update({"name" : "mikrotik"}, {$set: { "lzo_compression" : "adaptive"}})

Verify :
db.servers.find({"name" : "mikrotik"}, {name:1, tls_auth:1})

## Restart server


Dump profile VPN
Create 2 file, crt & key you can get from your .ovpn file

nano crt.crt #include ca & crt
nano key.key


Import to Mikrotik

scp crt.crt mikrotik@192.168.1.1:/
scp crt.key mikrotik@192.168.1.1:/
certificate import file-name=crt.crt
certificate import file-name=key.key
certificate print


Create ovpn profile

ppp profile add name=OVPN-client change-tcp-mss=yes only-one=yes use-encryption=yes use-mpls=no use-compression=no
ppp profile print


Create interface on PPP

interface ovpn-client add name=ovpn-client connect-to=xxx.xxx.xxx.xxx port=1194 mode=ip user="openvpn" password="" profile=OVPN-client certificate=client.crt_0 auth=sha1 cipher=blowfish128 add-default-route=yes


Verify

interface ovpn-client print
interface ovpn-client monitor 0
ip route print


Enable SSH Tunnel Mikrotik

Activate SSH on IP > Service > SSH
/ip ssh set forwarding-enabled=both


Access
So you can ssh your Mikrotik with IP Internal VPN:22

ssh mikrotik@ip_internal_vpn -D 500

You can access on SOCKSv5 500 to reach network mikrotik pools.
Reference


https://github.com/bestwebua/mikrotik-ovpn-client-pbr/blob/master/README.md