Mikrotik Tutorial 43: Configuring OpenVPN in Mikrotik Router for Remote User

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

everyone welcome back to another tutorial from land my critic configurations risk to this topic is about configuring openvpn mitotic travel in this video I'll show you how to configure open between in micro powder and how the remote user can log into head of his between server and work from remote location open B pin is just like other types of VPN service like PPTP lttp or STV this open beeping can be used for site-to-site VPN or and also can be configured as VPN server line model by connected into a paean server when VPN has complete security features so it is safer than other types of behavior in this video we will see the Open Meetings our client model where remote user connect to head office network by Open VPN client software from Windows PC for PPTP and l2tp there are built-in VPN client apps available on windows but for open you can we have to use third-party application let me show you the diagram this is our laps in Orion this is the open between server in head office this is the local block here 191 1600 0/24 and this is the remote user will connect to head of his PI Open VPN tunnel and get the same address range from this local block open between server and client configuration requires a certificate from secure communication Mike Rotary Club or OS version 6 gives ability to create store and manage certificate in certificate store so we will create open between satterfield from our router always ok we need three types of certificate for open between server and client configuration Cu certificate server certificate and client certificate let me know in - my man Roger first we will create C certificate this we have to go to the system and then to the certificate I'm gonna dip my sign to act see you come on in is a two parameters are important so you and in the keys step will keep only zero sign and keep chart sign click apply and then click sign button in the series here opposed this is our server just click start sign certificate is created for CA it server certificate plus sign to that and the keys this keep the digital signature key and cipher mapped check this entire server click apply click the sign button see see it start the signs are discrete it now see if you see this busted value is known don't click on it you can the general tab click in the trusted here click apply and ok now the final part is to create client certificate outside [Music] cool name is flying look at the key use a step and here we'll take this TLS client only why I'm the sign see is just it Kara science that if it is done for client I will export CA and plane certificates so that when VPN client can use this certificate open different server will use server certificate from micro Ricardo aside for Easter but client certificate has to supply to the open end so we need to explore tryin certificate and see a certificate from robust Saturday's but double click on the CA you know click on the export click export this file not stored in my critic file section you know we will click on export again and from the drop down here will select point and in the export a space will give a password password must be a correct along this password has to provide when opening plan needs to connect just one it takes for a now we check from the file section the left and click in France you see three files has been created and two is certificate file and one is key file you know copy those three click on this button to copy now in my desktop I have a folder and certificate or just paste it here okay now we go back to now we'll go to the PPP menu and from the interface tab click on the VPN server in here we have to select certificate as server requests when certificate ok for authentication will select only sha-1 for cipher select a is 256 micro declared support so openly pin with TCP port 1 1 9 foot now take this box to enable the service line ok now we have to create a user and password for remove user do this we have to go to the sacred tab assign craft type a username for the remote user anything you can type so they give us tests service or VPN the local addresses of server plus 1 this is the local address this morning [Music] when the user will connect as OB p.m. he will get this IP from the server Lyon okay now to set up Open VPN client we need to download third-party application if there is no open between Klein EPS a level in the softening system like I'll to the P or PPTP you'll go to the browser downwards check for the file yeah I'm using the stem so I will download this one no download this computer just click on here we're going to install the software you can stop our solution is done click Next check this once ok this application will help us to connect with Open VPN server now we'll have to enter the Open VPN folder take the seed line problem funds you know only peon but now we have to enter the config folder let me certificate the file that we have created copy it and paste it in the config 400 you you name it this - clanky now we have to create a file with dot Philippian extension i'm already open it here on my doctor last now she have the text file with templates if anyone needs just comment in my video in here you say in the remote section when it was specify our server address $107 - which is encode is one one nine four okay I will save it as top between ingress flying the desktop and save this one it then paste it on the country [Music] if I go down the bottom line you can see I have a specific user pass secret which means our user password authentication should be stored in a file called secret so we'll have to make this secret file now click new your users will be p.m. as we suggest that we specified in the sacred tab this one okay you say we just secret [Music] each year and without this tip config folder this username and password will be used to dial the VPN server you have to save this file without any extension to do this we will have to sure you want to change it yes if you don't see this extension in your folder you can do this click on the view and just to take this box show the extension fight and check this one see there is no extension so just take this box to see this extension now we'll click on the Start menu click on open be Pingree and click on the icon 3 on the taskbar right click on it click connect it will ask to put incline salivate password that you have given during client certificate Expo which is one two three four five six seven eight like okay [Music] okay you can see client is now connected the cyanide B is one night one six eight one two four one this is our open D Pingree for Windows okay what you can do is check from out my quick rubber and see from the active connections you see our user is connected a pin and the user got the IP address that we have a specified one man once except one or two for one so you can configure open between server might recover and also you can configure Open VPN client on Windows PC that's all for today subscribe my channel for more videos thanks for watching

Info

Channel: techie LAB

Views: 55,284

Rating: undefined out of 5

Keywords: openvpn certificate maker, openvpn server and windows client, openvpn in mikrotik router, mikrotik openvpn server, openvpn server, mikrotik openvpn setup, mikrotik openvpn certificate, mikrotik create certificate, ovpn server mikrotik, openvpn connect windows client, setup openvpn server in mikrotik, openvpn server configuration, routeros openvpn, openvpn mikrotik server, simple openvpn mikrotik, mikrotik openvpn server configuration, openvpn, openvpn in mikrotik

Id: WzApPczmA_c

Channel Id: undefined

Length: 12min 42sec (762 seconds)

Published: Sat Apr 11 2020