文章索引
Page No
./build-ca
Next, generate a server certificate and private key:
./build-key-server mikrotik
Move to the keys directory (/etc/openvpn/easy-rsa/keys):
cd /etc/openvpn/easy-rsa/keys/
Copy the ca certificate, server certificate and key to the mikrotik router:
ncftpput -u admin 10.10.10.1 / ca.crt mikrotik.crt mikrotik.key
VPN client also need a certificate to authenticate itself to the server. Move to the /etc/openvpn/easy-rsa/directory and create the different certificate for each client:
cd /etc/openvpn/easy-rsa/ source vars ./build-key arbabpc
Mikrotik OpenVPN Server Configuration:
1) Connect to the Mikrotik using Winbox. Goto the Files,there you will find all the files, that you have copied from Linux server:
2) Then goto the System —> Certificates:
Click on Import Button, then select the ca certificate file (in my case, it is ca.crt) and press Import:
Double click on the imported certificate and change its name (This step is optional):
Once again,click on Import Button, then select the server certificate file (in my case, it is mikrotik.crt) and pressImport:
Next, import the server key using the above step:
Double click on the imported server certificate and change its name (This step is optional):
Once you have imported the private key, the server certificate will get the “KR” written in-front of it:
K: Decrypted-Private-Key R: RSA
Next we need to create the pool for openvpn client, for this, goto the IP—->Pool:
Create each pool of /30 subnet:
