Skip to content

Instantly share code, notes, and snippets.

@gilangvperdana
Last active Sep 10, 2022
Embed
What would you like to do?
Remote Mikrotik from OpenVPN Client with Pritunl VPN Server

Mikrotik OpenVPN Client

If you want to make your Mikrotik to be OpenVPN Client you can follow this guide.

Goals

  • Can remote mikrotik from Pritunl VPN Server Endpoint

Environment

  • Mikrotik
  • Pritunl Server

Execution

  • Install Pritunl. Here.
  • Create TCP Server with TLS Auth & lzo compression disable
## Stop server
mongo pritunl
db.servers.update({"name" : "mikrotik"}, {$set: { "tls_auth" : false}})
db.servers.update({"name" : "mikrotik"}, {$set: { "lzo_compression" : "adaptive"}})

Verify :
db.servers.find({"name" : "mikrotik"}, {name:1, tls_auth:1})

## Restart server
  • Dump profile VPN Create 2 file, crt & key you can get from your .ovpn file
nano crt.crt #include ca & crt
nano key.key
  • Import to Mikrotik
scp crt.crt mikrotik@192.168.1.1:/
scp crt.key mikrotik@192.168.1.1:/
certificate import file-name=crt.crt
certificate import file-name=key.key
certificate print
  • Create ovpn profile
ppp profile add name=OVPN-client change-tcp-mss=yes only-one=yes use-encryption=yes use-mpls=no use-compression=no
ppp profile print
  • Create interface on PPP
interface ovpn-client add name=ovpn-client connect-to=xxx.xxx.xxx.xxx port=1194 mode=ip user="openvpn" password="" profile=OVPN-client certificate=client.crt_0 auth=sha1 cipher=blowfish128 add-default-route=yes
  • Verify
interface ovpn-client print
interface ovpn-client monitor 0
ip route print
  • Enable SSH Tunnel Mikrotik
Activate SSH on IP > Service > SSH
/ip ssh set forwarding-enabled=both
  • Access So you can ssh your Mikrotik with IP Internal VPN:22
ssh mikrotik@ip_internal_vpn -D 500

You can access on SOCKSv5 500 to reach network mikrotik pools.

Reference

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment