FYI : i followed the subject instructions also for site to site openvpn (between 2 mikrotik routers)and working great . congrats for the clear instructions
When you create the certifying authority uses the public ip or gateway router ? I did as I taught,but gave error here. error:Tue May 26 22:21:52 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Tue May 26 22:21:52 2020 TLS Error: TLS handshake failed Tue May 26 22:21:52 2020 Fatal TLS error (check_tls_errors_co), restarting
is this still need IP Public on Server OpenVPN side ? what if mikrouik router side dosn't have IP Public from ISP, how to connect workstation client as a part of the Mikrotik Network, thanks 🙏
Hi sir thanks for this awesome video Sir I I have some issue with this I do each single step and follow you But when I connect openvpn client through same network from windows that connection succeed but When I'm trying to connect from outside network the VPN not connecting please help
It should work. Specify CA and Client Certificate properly in client configuration file. Also you can follow this article: systemzone.net/mikrotik-openvpn-configuration-on-tcp-port-443-with-windows-os/
Thank you so much for sharing!! I'm able to connect from my client to the OpenVPN server. However, when I check the WAN IP of my client, it is still showing me the IP of the public network that I'm behind and NOT the IP of the OpenVPN server. Any thoughts? Thank you.
I live in Suzhou next to Shanghai. At first, I used IKEV2 VPN, but it didn't work well, so I'm currently using Panda VPN's stealth method. I am using it to my satisfaction. If v2 does not work, try steerlh. Openvpn = Stealth
after follow all step Mon Jul 16 11:23:43 2018 us=793415 disabling NCP mode (--ncp-disable) because not in P2MP client or server mode Options error: On Windows, --ifconfig is required when --dev tun is used Use --help for more information.
I found the solution.I must put in config file this command "redirect-gateway autolocal" and all my traffic is now going through a remote OVPN server.Thanks
Hi @@LokeshKumarJ-qn4bq in client.ovpn file. Below i paste content of my ovpn config file. client dev tun redirect-gateway autolocal proto tcp-client remote xxx.xxx.253.77 port 5002 nobind persist-key persist-tun tls-client remote-cert-tls server ca ca.crt cert client.crt key client.key verb 4 mute 10 cipher AES-256-CBC auth sha1 auth-user-pass user.pass auth-nocache Best regards
Hello Grand Chief, I need your help. I would like to access the internet remotely via my mikrotik router which is at home via a VPN connection. is it possible to become an internet access provider via VPN PPTP ?? STP answer me
Hi, I can't make it work... I have a mikrotik router on my work, and because of covid-19 we are trying to set up open-vpn connections. I've followed you step-by-step, replacing the IP's with mine, but after writing down my password I get the "TCP: connect to [AF_INET]MyIP:PORT failed, will try again in 5 seconds" error... I've tryed setting off my windows fw... nothing...
You need to add an internal route in every machine, something like "route add vpnLanAddress mask netmask mikrotikLanAddress -p" "route add 10.10.1.0 mask 255.255.255.0 192.168.1.254 -p" this example work for windows
In step 2, at the time of exporting CA certificate, the key file is generated by MikroTik. Follow this article to get detail: systemzone.net/mikrotik-openvpn-setup-with-windows-client
Pagal bana raha hai bhai, whatsmyip kar k dekha kon sa ip address milta hai tujhe, tujhe wohi ip address milay ga jo tere system ka hai na k mikrotik router k WAN ka . i need non-split tunneling rather than split tunneling.
FYI : i followed the subject instructions also for site to site openvpn (between 2 mikrotik routers)and working great . congrats for the clear instructions
Thank you! Your video is very clear and precise. I managed to setup vpn for my office.
Bro your video really easy understand, thanks for your sharing and now i can setup my VPN easily.
thank you! It has been very easy to understand because of the way you did it
Very nice and useful tutorials. Keep up the good work!
Thank you BRO !!! Your video manual best :)))
Mikrotik nat firewall configuration and port forwarding are missing
When you create the certifying authority uses the public ip or gateway router ? I did as I taught,but gave error here.
error:Tue May 26 22:21:52 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue May 26 22:21:52 2020 TLS Error: TLS handshake failed
Tue May 26 22:21:52 2020 Fatal TLS error (check_tls_errors_co), restarting
is this still need IP Public on Server OpenVPN side ? what if mikrouik router side dosn't have IP Public from ISP, how to connect workstation client as a part of the Mikrotik Network, thanks 🙏
Only you to save me!!! very thanks!!!
Hi sir thanks for this awesome video
Sir I I have some issue with this I do each single step and follow you
But when I connect openvpn client through same network from windows that connection succeed but When I'm trying to connect from outside network the VPN not connecting
please help
Thanks, it works, the bad thing was that Verify Client Certificate doesn't work.
It should work. Specify CA and Client Certificate properly in client configuration file. Also you can follow this article: systemzone.net/mikrotik-openvpn-configuration-on-tcp-port-443-with-windows-os/
Great!!! Thank you for the video
i did the 2 mikrotik routers connect via OpenVPN site to site, how can i connect a remote computer to connect to the network?
What if we don't have public static IP address on Wan Or our mikrotik Wan behind NAT . Can we do same process .
Thank you so much for sharing!! I'm able to connect from my client to the OpenVPN server. However, when I check the WAN IP of my client, it is still showing me the IP of the public network that I'm behind and NOT the IP of the OpenVPN server. Any thoughts? Thank you.
Is there any chance to take the printout from remote Server to VPN client machine?
I live in Suzhou next to Shanghai. At first, I used IKEV2 VPN, but it didn't work well, so I'm currently using Panda VPN's stealth method. I am using it to my satisfaction. If v2 does not work, try steerlh. Openvpn = Stealth
after follow all step
Mon Jul 16 11:23:43 2018 us=793415 disabling NCP mode (--ncp-disable) because not in P2MP client or server mode
Options error: On Windows, --ifconfig is required when --dev tun is used
Use --help for more information.
have you solved?
Phenomenal. Thanks...
what model of mikrotik?
Thank you so much !!! You made my day !!! Works like a charm :-)
I have no internet connection after configuring ovpn with those steps. Any ideas where I went wrong?
At 6:20 am the MAC address is that of the server?
What setting needs to be done so that the the vpn client runs the internet through the vpn server
Hello friend, it works great!!!! Please tell me can i use the same keys to other miktotik so from client side i have only a pair of certificates??
Gracias, de verdad gracias!!!
how to create ovpn config file sir.
Do any of the routers require public ip?
Tks your video. I have a question "Where did you get client.ovpn file??".
you will find client.ovpn in this article systemzone.net/mikrotik-openvpn-setup-with-windows-client/
you can fix error for me, please :(
Hi, many Thanks.
Could this VPN client out to the gateway your remotely routers (OVPN Server Mikrotik)?
I would be on internet via OVPN server.
I found the solution.I must put in config file this command "redirect-gateway autolocal" and all my traffic is now going through a remote OVPN server.Thanks
@@luxli7643 In Which Line i have to add ???
Hi @@LokeshKumarJ-qn4bq in client.ovpn file.
Below i paste content of my ovpn config file.
client
dev tun
redirect-gateway autolocal
proto tcp-client
remote xxx.xxx.253.77
port 5002
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
ca ca.crt
cert client.crt
key client.key
verb 4
mute 10
cipher AES-256-CBC
auth sha1
auth-user-pass user.pass
auth-nocache
Best regards
@@luxli7643 Thank you! I was seeking 2 days for this solution :)
how to make a client.key file?
I don't have public IP on mikrotik or not port forwarding facility at wan
Can I do this without having public IP on mikrotik
i have a question sir
1000000000000% working thanks
Hello Grand Chief, I need your help. I would like to access the internet remotely via my mikrotik router which is at home via a VPN connection. is it possible to become an internet access provider via VPN PPTP ?? STP answer me
Hi sir, I have one question, from VPN i can access all pc from lan, but from LAN i can not access any client from VPN, what's wrong ?
Hi, I can't make it work... I have a mikrotik router on my work, and because of covid-19 we are trying to set up open-vpn connections. I've followed you step-by-step, replacing the IP's with mine, but after writing down my password I get the "TCP: connect to [AF_INET]MyIP:PORT failed, will try again in 5 seconds" error... I've tryed setting off my windows fw... nothing...
Follow this article step by step: systemzone.net/mikrotik-openvpn-configuration-on-tcp-port-443-with-windows-os/
what if I don't fill in 'CA CRL HOST' while I make ' Certificates'?
can it work?
thank you so much :)
for this can i need static ip on both sides
No, only server need static IP
@@SystemZone thanks for your reply, can i get your skype id or whatsapp Number ?
for accessing it across the Internet?
yes bro.
@@SystemZone I should port forward the external ip(of the mikrotik)on the modem?
does it work with dynamic ip addr (at the wwan)??
No, for all vpn you should have static public IP on WAN interface.
hi!, it's a great tutorial, the conecction to mikrotik works fine, but.. i need hel to reach the machines on my internal lan. can you help me please?
You need to add an internal route in every machine, something like "route add vpnLanAddress mask netmask mikrotikLanAddress -p" "route add 10.10.1.0 mask 255.255.255.0 192.168.1.254 -p" this example work for windows
Very good
Thanks
Everything is working fine. The client receives the IP from the router but it is not assigning the gateway. Even in this tutorial gateway is empty
where do you get ovpn file?
Só criar um arquivo no bloco de notas igual ao dele e renomear para client.ovpn
THX very much
Where did you get the Key file?
after exporting the CA the returns
to make the export of CA but this time add a key of this is the key file.
do not skip the steps ;D
I am trying to see the key export in your video but cannot find it. Can you please tell me where in the video is?
In step 2, at the time of exporting CA certificate, the key file is generated by MikroTik. Follow this article to get detail: systemzone.net/mikrotik-openvpn-setup-with-windows-client
again as with all other instructions - access from VPN to LAN does not work - how to make LAN accessible to clients from VPN ?? 🤷♂
Your steps are okay. Is it possible you speak while presenting. Consider that in your next presentation.
I'm unable to config mine. I use to cofigure netgear router. Mikrotik is different. I'm not an informatician
No funciona
thank you
but no G.Wy
Pagal bana raha hai bhai, whatsmyip kar k dekha kon sa ip address milta hai tujhe, tujhe wohi ip address milay ga jo tere system ka hai na k mikrotik router k WAN ka . i need non-split tunneling rather than split tunneling.
clicker