Difference between revisions of "Mikrotik: OpenVPN - Server ke PC dari wiki mikrotik"

Sumber: https://wiki.mikrotik.com/wiki/Manual:Interface/OVPN

Certificate

Certificate Generate

/certificate
add name=ca-template common-name=example.com days-valid=3650 key-size=2048 key-usage=crl-sign,key-cert-sign
add name=server-template common-name=*.example.com days-valid=3650 key-size=2048 key-usage=digital-signature,key-encipherment,tls-server
add name=client-template common-name=client.example.com days-valid=3650 key-size=2048 key-usage=tls-client
add name=client1-template common-name=client1.example.com days-valid=3650 key-size=2048 key-usage=tls-client

Certificate Sign

Proses signing akan membutuhkan waktu, harap sabar.

/certificate
sign ca-template name=ca-certificate
sign server-template name=server-certificate ca=ca-certificate
sign client-template name=client-certificate ca=ca-certificate
sign client1-template name=client1-certificate ca=ca-certificate

Certificate Trust

/certificate
set ca-certificate trusted=yes
set server-certificate trusted=yes

Certificate Export

/certificate
export-certificate ca-certificate export-passphrase=""
export-certificate client-certificate export-passphrase=12345678
export-certificate client1-certificate export-passphrase=12345678

Cek bahwa sudah di generate menggunakan

/file print

Server

/interface ovpn-server server set enabled=yes 
/interface ovpn-server server set certificate=server-certificate 
/interface ovpn-server server print 

/ip pool add name=ovpn-pool range=192.168.77.2-192.168.77.254
/ppp profile add name=ovpn local-address=192.168.77.1 remote-address=ovpn-pool
/ppp secret
  add name=client1 password=123456 profile=ovpn
  add name=client2 password=123456 profile=ovpn
  add name=onno password=123456 profile=ovpn

Referensi

• https://wiki.mikrotik.com/wiki/Manual:Interface/OVPN