Dude....Thank you so much. You can't imaging what I've been through to set a vpn connection lately... The most complete guide. The only addition that I could say is that you could inform people here, that they need to port forward the port 1194(that you did set before for the server) from the ISP Router.
Thanks! It took around 2 hours in total to get it working.. Somehow I mixed NAT and Filter Rules (causing timeout). Also mixed some things between certifcates 🥳 Also, I added redirect-gateway def1 after the route 10.10.10.0 255.255.255.0 so all traffic will go through the OpenVPN.
My LAN subnet is configured as 10.10.10.0/24 and has been Route for remote access. To connect remotely, it is necessary to input your LAN IP subnet address into the OVPN configuration file.
Thanks, really fast and easy. 5:30 - Not sure if this need it, coz with this rule my seervers that from back the router seen Mikrotik IP instead clients ip.
08:50 - Export .ovpn config file - this button is not showing up in my winbox, my routeros version is 7.6, where can I find it to export the config file?
@@Wirenetwork Great dear, The ovpn can connected in the local but difference vlan but tried to other internet or 4G doesn't connect. How to define the problem? Please help dear!
Hi, Thanks for the video, I configure all the guideline as you suggested in video, Openvpn is connected but when i am going to do whatismyserver the IP address is not showing the VPN server IP, that means OPENVPN is going to connect but not reverting on the server, Can you gudie? what could be the issue?
@@Wirenetwork yes!! Internet is working , in openvpn showing connected, Getting IP address as well, showing Mikrotik server IP also, But reverting IP on vpn server
Hello, Thank you so much for this detailed tutorial. However, when I try to connect on OpenVPN connect on my laptop, here is what I get as an error: crypto_alg: AES-GSM-256: not found
@@Wirenetwork i don't have problems, in some tutorial with SITE TO SITE vpn, the .crt with .key of the CA cert and the .crt with the .key of the CLIENT cert are copied to the CLIENT router and imported, then you finish on the second router the configuration creating an interface pointing to the public ip of the server, the last step are the routes on both routers. in this video you are setting up a CLIENT to SITE and not a SITE to SITE vpn, where you need to put the .key file and the .crt file on the CLIENT router. right ?
My Mikrotik router is connected to my primary router, and my Mikrotik is the secondary router connected via LAN. OpenVPN won't connect. Is there anything I need to do to establish the VPN connection after completing the steps in this video?
To begin with, set a static IP in the first router for the second router so that the assigned IP does not change every time you restart it or run out of power. Then forward the port you use for the OVPN connection from the first router to the second router. Normally the port that uses it mikrotik is 1194 but can be changed.
@@razvanalexandru5128 I'll try that since I have that same issue. I also tried removing the primary router and just simply having my router connected directly to the cable modem. Unfortunetly I still wasn't able to connect from an outside network with that configuration as well.
@@Wirenetwork Sorry if I didn't express myself correctly. I installed the client on Android and wanted to set a default route in the VPN tunnel. Instead of ''route 10.10.10.0 255.255.255.0'' I wrote ''redirect-gateway def1''. Thanks for the instructions!
Thank you very much brother, I learned a lot. It works. I just also added a rule on Firewall to accept connection from virtual pool. That way I can remotely manage my mikrotik. Also, in config file, last step, step10, when you type the IP address, you are typing local address of that Mikrotik router, correct?
Unsupported option (ignored): user,group,persist-tun,persist-key,connect-retry Unused options, probably specified multiple times in the configuration file: client "can you help "
Thanks for your tutorial, it works perfectly. Can you explain to me how I can access other subnet segments through the VPN configuration? since the configuration connects without problems but I cannot access the sub networks of my mikrotik, Thanks!
When I connect through OVPN then I upload file and then enter username and password the show enter 'Private Key Password' Which private key should I enter there? 😕😔
I've tried about five VPN setup guides. They all worked, but it was problematic. Your guide made me a perfectly working VPN server. Thank you so much!
Congrats Brother 🎊🎉
@@Wirenetwork hello, can you upload script for mikrotik > terminal automatically create and generate certificates
Dude....Thank you so much. You can't imaging what I've been through to set a vpn connection lately... The most complete guide. The only addition that I could say is that you could inform people here, that they need to port forward the port 1194(that you did set before for the server) from the ISP Router.
Glad I could help!
Best explanation ever, VPN up and running on iphone. Thanks
Subscribe
Thanks! It took around 2 hours in total to get it working.. Somehow I mixed NAT and Filter Rules (causing timeout). Also mixed some things between certifcates 🥳
Also, I added redirect-gateway def1 after the route 10.10.10.0 255.255.255.0 so all traffic will go through the OpenVPN.
My LAN subnet is configured as 10.10.10.0/24 and has been Route for remote access. To connect remotely, it is necessary to input your LAN IP subnet address into the OVPN configuration file.
@@Wirenetwork Aha, my LAN subnet is 192.168.178.1/255.255.255.0, should my route then be 192.168.178.0/24?
Yes
Thank you very much! I wish you and your family healthy and everything best.
Excellent video, Followed the instructions to setup and it is working as charm.👌👌👌👌👌
oh my good fantastik after so many trys this video help me so match big thans for the nice setup big thx perfeckt...
Most welcome 🤗
Excellent, as always
Thanks, really fast and easy. 5:30 - Not sure if this need it, coz with this rule my seervers that from back the router seen Mikrotik IP instead clients ip.
Welcome
08:50 - Export .ovpn config file - this button is not showing up in my winbox, my routeros version is 7.6, where can I find it to export the config file?
Upgrade your routerOS firmware.
Thanks of this time really worked. Nice didatic method. and the sound!!
You're welcome!
Thanks....don't forget to click subscribe 😊
Working properly
Thanks sir
Welcome to wire network family 👍🙏
Pal, you are the best of the best. Excellent tutorial.
Wow, thanks!
In the last step where the openvpn profile is exported 8:30 , I don't have such a button to export openvpn. How to do it?
Upgrade routeros version
Thank you!
Welcome 🤗
Great work man. Excellent example!
Thanks a lot!
nice , informative video
Thanks a lot
The main in this video is of local LAN ips ping... If ping is allowed then perfect video...
Not understand properly what you say ?
@Wirenetwork i configured my MK as per your guidance sir but i am unable to ping local IPs...
Please share your configuration details to netwatchindia@gmail.com..
I will check it
Thanks sir, u save my life😇
Don't forget to subscribe 😊
already sir
@paulusafrianto5205 thanks 🙏
Ecellent!! Save my job!!!!
do i use the same range ip for config route you use in video ? if not . where do i get it
add your Mikrotik LAN IP on route..if you have multiple IP Configure on LAN Side then enter all of it on route.
I don't have static public IP address. How to use openvpn with built-in cloud dns? Thanks
Configure cloud connexa
i didn't find the export button in open vpn server dialog box how can i export it?
Upgrade RouterOS 7
Can you make also config for TAP mode? (L2) thanks for this
Yes, soon
where did you get the IP add 9:58 10.10.10.0 255.255.255.0 ?
This is my local network, I have routed it for remote access. You add your local network.
@@Wirenetwork Thanks
Welcome
Hello Sir, I am tried configure with Mirkotik RB951G-2HnD doesn't have bottun export ovpn. how can i do it for the next?
Upgrade firmware to routeros 7
@@Wirenetwork Great dear, The ovpn can connected in the local but difference vlan but tried to other internet or 4G doesn't connect. How to define the problem? Please help dear!
did you have Static ip address (Mikrotik WAN)
@@Wirenetwork, Thank dear for response! Mikrotik got dhcp or static IP but from local for test. it's not working or we need public IP ?
Hello, dear.. in order to establish a remote access VPN server, a fully qualified domain name (FQDN) or public Static IP Address is required.
Thank you so much!!!
Welcome
Thanks for sharing, but I didn't understand why you add "route 10.10.10.0 255.255.255.0" ?
10.10.10.0/24 is my local network, I rooted it to access it from the outside network
@@Wirenetwork Ok I understand, Thank you very much !
Most welcome....I am happy to help you 😊😊
Hello, thx for this video. I've something wrong with this tutorial "connection timeout" and I don't know why...
Check logs on mikrotik router
@Wirenetwork OK I find my mistake... thx
Most Welcome, May I know what did you mistake??
It works, thanks a lot!
You're welcome!
Good
thank you!
Welcome
i follow the video but i face an error "sorry unsupported options present in configuration" any help
Send me OpenVPN Log details at netwatchindia@gmail.com
Hi, Thanks for the video, I configure all the guideline as you suggested in video, Openvpn is connected but when i am going to do whatismyserver the IP address is not showing the VPN server IP, that means OPENVPN is going to connect but not reverting on the server, Can you gudie? what could be the issue?
Are you able to access the network after connecting to OpenVPN?
@@Wirenetwork yes!! Internet is working , in openvpn showing connected, Getting IP address as well, showing Mikrotik server IP also, But reverting IP on vpn server
Hello, Thank you so much for this detailed tutorial. However, when I try to connect on OpenVPN connect on my laptop, here is what I get as an error: crypto_alg: AES-GSM-256: not found
Open .ovpn file with notepad, then enter cipher AES-256-CBC
@@Wirenetwork Thank you for your reply. I already did that but now it gives connection Timeout .....I doubt I am using the wrong IPs
did you have public ip address on your mikrotik router ?
@@Wirenetwork yes
if you haven't problem then you can share your OpenVPN config file via email at netwatchindia@gmail.com
i will find solution for you.
whats the meaning of CA-CRL-HOST ? what the purpouse ?
Certificate authority host
What problems are you facing in OpenVPN? i can know
@@Wirenetwork i don't have problems, in some tutorial with SITE TO SITE vpn, the .crt with .key of the CA cert and the .crt with the .key of the CLIENT cert are copied to the CLIENT router and imported, then you finish on the second router the configuration creating an interface pointing to the public ip of the server, the last step are the routes on both routers. in this video you are setting up a CLIENT to SITE and not a SITE to SITE vpn, where you need to put the .key file and the .crt file on the CLIENT router. right ?
My Mikrotik router is connected to my primary router, and my Mikrotik is the secondary router connected via LAN. OpenVPN won't connect. Is there anything I need to do to establish the VPN connection after completing the steps in this video?
did you have public static ip on your secondary Router ?
@@Wirenetwork It was set to auto dhcp and obtained a LAN IP from the primary router
To begin with, set a static IP in the first router for the second router so that the assigned IP does not change every time you restart it or run out of power. Then forward the port you use for the OVPN connection from the first router to the second router. Normally the port that uses it mikrotik is 1194 but can be changed.
@@razvanalexandru5128
I'll try that since I have that same issue. I also tried removing the primary router and just simply having my router connected directly to the cable modem. Unfortunetly I still wasn't able to connect from an outside network with that configuration as well.
How to import all of this into OPNsense?
Just import .ovpn config file
@@Wirenetwork In OPNsense Clients, there is no option to import an .ovpn file, at least I couldn't find one. :(
I try doing guide linept but not work😢
Explain in detail what problem you are facing. I will help you if I can.
Hello sir i follow your video and successfully but when check public ip still the same please help me sir ?
Are you able to access your local network after connecting OpenVPN ??
Thank you but unfortunately unable to connect. Don't know what i'm missing
Check mikrotik log
you can also share log details at netwatchindia@gmail.com if it's possible
thank you
Most welcome
what should I do, how do I add a new user certificate????
Send error screenshot to netwatchindia@gmail.com
Thanks, it worked. How to wrap all traffic into a tunnel?
Means ?
@@Wirenetwork Sorry if I didn't express myself correctly. I installed the client on Android and wanted to set a default route in the VPN tunnel. Instead of ''route 10.10.10.0 255.255.255.0'' I wrote ''redirect-gateway def1''. Thanks for the instructions!
VPN Export Option not available On OPEN VPN
Upgrade routeros version
Thank you very much brother, I learned a lot. It works. I just also added a rule on Firewall to accept connection from virtual pool. That way I can remotely manage my mikrotik.
Also, in config file, last step, step10, when you type the IP address, you are typing local address of that Mikrotik router, correct?
Yes..
Unsupported option (ignored): user,group,persist-tun,persist-key,connect-retry
Unused options, probably specified multiple times in the configuration file: client
"can you help "
Can you share your ovpn file ?? I will find solution for you.
@@Wirenetwork how i can send it for you
netwatchindia@gmail.com
@@Wirenetwork check inbox please
Is your problem solved?
Is it okay not to include Private Password Key?
it's mandatory for security purposes
Thanks for your tutorial, it works perfectly.
Can you explain to me how I can access other subnet segments through the VPN configuration?
since the configuration connects without problems but I cannot access the sub networks of my mikrotik,
Thanks!
insert your subnetwork gateway IP address and subnet details into the OpenVPN Config file
@@Wirenetwork I will look for information on how to do it, thanks!
How to find client certificate key
How to find client certificate keys?
Why find the client key?
When I connect through OVPN then I upload file and then enter username and password the show enter 'Private Key Password' Which private key should I enter there? 😕😔
When you export OpenVPN file in MikroTik, you will get the option of private key there. You have to add the same private key in the client.
In OpenVPN server settings you will get the option of Export OVPN.
Vpn connects but unable to ping local pcs...
What's your Local Network IP subnet ?
@@Wirenetwork Is there any rules for allowing into LAN interface?
Can you ping your local gateway from the outside network after connecting vpn
@@Wirenetwork yes gateway ping but local PC are not connecting .... ping of local IPs are not working,,,
Disable your pc firewall then try again
Hello, the VPN connects, but the internet does not work
on client
Add firewall masquerade rule for your VPN IP subnet
Just don't click OK when creating the certs, then you don't have to re-open to click sign
Yes brother you are right... thanks..👍
Obrigado!
Most welcome
Güzel paylaşım teşekkür ler birde şu radius manager ayarlayabilsek yapamıyorum beceremiyorum
for not woking
What happened??
@@Wirenetwork i don't know sir
crypto_alg:aes-gcm-256:not found
I think you made mistake during creating certificates...if it possible then watch my video again.
can I throw off the config?
??
@@Wirenetwork adding route on config file 9:47
Yes..you need to add manual route on config file...like
Route 192.168.0.1 255.255.255.0
@@Wirenetwork But I’m talking about the file itself, the text, can I attach it in the description?
@@Wirenetwork Will this file work on PC?
NOTE: --user option is not implemented on Windows
NOTE: --group option is not implemented on Windows
what is the reason?
I haven't understood what you saying ??
Hello, do you have telegram, or What'sApp?
I need you help me pls!
Yes
@@Wirenetwork can I have your telegram or whatsapp contacts?
@@Wirenetwork or how to contact you?
@odyvanmua netwatchindia@gmail.com
Hey buddy, i try it, but is give me connection fail, peers verification failure .
Mikrotik Log will help you to find the problem... Check logs
How to find client certificate key
No need to find it, you need to create certificate key
How to find client certificate key