Created
May 16, 2018 07:01
-
-
Save rochmad/274f0fa3c240a5ff8c1e21d90db9a878 to your computer and use it in GitHub Desktop.
Mikrotik SSTP VPN with Singed Certificates Comodo SSL, CRL Enable
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://wiki.mikrotik.com/wiki/Manual:Interface/SSTP | |
| how to enable SSTP with Comodo SSL, | |
| first generate like normaly, | |
| and you will get | |
| crt in pk8 format, and convert it to crt, | |
| and then import to mikrotik server, | |
| key from generate, and crt, | |
| ########### | |
| mikrotik: | |
| /certificates | |
| import file-name=star.0mads.com.crt | |
| import file-name=star.0mads.com.key | |
| ############ | |
| create pool | |
| ip pool add name=SSTP_Pool_Local_Address ranges=172.16.5.2-172.16.5.100 | |
| ip pool add name=SSTP_Pool_Remot_Address ranges=172.16.5.102-172.16.5.200 | |
| ############ | |
| create profile | |
| /ppp | |
| profile add name=SSTP_Profile local-address=SSTP_Pool_Local_Address remote-address=SSTP_Pool_Remot_Address dns-server=172.16.10.1,8.8.8.8 use-encryption=yes use-compression=yes only-one=default | |
| ############ | |
| create user secret | |
| /ppp | |
| secret add name=user1 password=user1 service=any profile=SSTP_Profile | |
| ############ | |
| ############ | |
| enable sstp on mikrotik | |
| /interface sstp-server server | |
| set enabled=yes authentication=mschap1,mschap2 force-aes=yes pfs=yes tls-version=any default-profile=SSTP_Profile port=443 certificate=star.0mads.com.crt | |
| now, you shuldable to conect sstp via IP public |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment