OpenVPN configuration on MikroTik
OpenVPN configuration on MikroTik

OpenVPN configuration on MikroTik

Posted on

OpenVPN configuration on MikroTik – In this post, we want to review the OpenVPN in Mikrotik and how to do the configuration. In many topics and forums where Mikrotik users talk about OpenVPN and on average, almost 90% of them have problems in implementing or how to carry out a correct OpenVPN installation.

What is OpenVPN?

OpenVPN configuration on MikroTik
OpenVPN configuration on MikroTik

OpenVPN a type of VPN for interconnecting local networks using public networks (WAN / Internet) with secure communications. This VPN commonly used when large information security required. By default, OpenVPN uses UDP port 1194 and a certificate required for each feature to connect. For client compatibility, OpenVPN can be built into almost any Operating System with the encouragement of third party applications. OpenVPN uses the sha1 and md5 algorithms for the authentication process, and uses some of the ciphers, namely blowfish128, aes128, aes192 and aes256. Traffic passing through the OpenVPN tunnel will face ± 16% overhead.

OpenVPN configuration

OpenVPN configuration
OpenVPN configuration

For example problems, we want to try to connect 2 networks using OpenVPN. Each network has 1 router for the main gateway.

Initially, to increase the security of this OpenVPN connection, we want to increase the certificate on the server as well as on the client. The steps for making certificate can be seen in the previous post here.

After we create a certificate, we want to first activate OpenVPN Server on the main gateway router at Office A. Select PPP menu → on the Interface tab, click on the OVPN Server Command button. After that, to activate OpenVPN Server, check the Enabled option. We also add a certificate for an OpenVPN connection in Office A like OVPN Server in the Certificate parameter as shown below.

Interface Static OpenVPN

To make it easier to improvise settings, on OpenVPN Server we will create a static interface for OpenVPN manually. In fact, if we don’t make this interface, the router will dynamically create an OpenVPN interface by the router when the OpenVPN connection established.
PPP → Interfaces → Add [+] → OpenVPN Server Binding. And, fill in the required parameters according to the following image display. For the parameter ‘User’, enter it according to the name in the PPP Secret that we have created.

Next, we will configure ‘Kantor B’ as an OpenVPN Client. We select the PPP menu → Interfaces → Add [+] → OVPN Client. Then enter each parameter as shown below.

End, If OpenVPN successfully connected, we can see the OpenVPN Server router in the PPP → Active Conections menu. There will be displayed,  information from client devices that are successfully connected to OpenVPN Server.