9/28/2023 0 Comments Openvpn mikrotik![]() ![]() In web interface or Winbox on router B, go to "System" & "Certificates" and import the CA and the client certificate. certificate export-certificate client1 export-passphrase=xxxxxxxx Copy these two files off router A and onto router B, this is easy to do in the web interface or Winbox. certificate set server trusted=yes Now export the CA and the client certificate so they can be copied onto the Mikrotik router for Site B: certificate sign ca=m圜a client1-template name=client1 Set CA and server cert as trusted: To enable Two Factor Authentication for clients (a.k.a. ![]() This single file can then be given to a client for access to the VPN. certificate sign ca=m圜a server-template name=server Conveniently, beznosa/openvpn-mikrotik comes with a script called ovpngetclient, which dumps an inline OpenVPN client configuration file. certificate sign ca-template ca-crl-host=192.168.88.1 name=m圜a certificate add name=client1-template common-name=client1 Change the common-name to something more descriptive if you want. certificate add name=server-template common-name=server Generate templates: /certificate add name=ca-template common-name=m圜a key-usage=key-cert-sign,crl-sign
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |