If you want to make your Mikrotik to be OpenVPN Client you can follow this guide.
- Can remote mikrotik from Pritunl VPN Server Endpoint
- Mikrotik
- Pritunl Server
- Install Pritunl. Here.
- Create TCP Server with
TLS Auth & lzo compression
disable
## Stop server
mongo pritunl
db.servers.update({"name" : "mikrotik"}, {$set: { "tls_auth" : false}})
db.servers.update({"name" : "mikrotik"}, {$set: { "lzo_compression" : "adaptive"}})
Verify :
db.servers.find({"name" : "mikrotik"}, {name:1, tls_auth:1})
## Restart server
- Dump profile VPN
Create 2 file,
crt
&key
you can get from your .ovpn file
nano crt.crt #include ca & crt
nano key.key
- Import to Mikrotik
scp crt.crt mikrotik@192.168.1.1:/
scp crt.key mikrotik@192.168.1.1:/
certificate import file-name=crt.crt
certificate import file-name=key.key
certificate print
- Create ovpn profile
ppp profile add name=OVPN-client change-tcp-mss=yes only-one=yes use-encryption=yes use-mpls=no use-compression=no
ppp profile print
- Create interface on PPP
interface ovpn-client add name=ovpn-client connect-to=xxx.xxx.xxx.xxx port=1194 mode=ip user="openvpn" password="" profile=OVPN-client certificate=client.crt_0 auth=sha1 cipher=blowfish128 add-default-route=yes
- Verify
interface ovpn-client print
interface ovpn-client monitor 0
ip route print
- Enable SSH Tunnel Mikrotik
Activate SSH on IP > Service > SSH
/ip ssh set forwarding-enabled=both
- Access
So you can ssh your Mikrotik with
IP Internal VPN:22
ssh mikrotik@ip_internal_vpn -D 500
You can access on SOCKSv5 500 to reach network mikrotik pools.