Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 6 of 6
  1. #1
    Status
    Offline
    arieonline's Avatar
    Member
    Join Date
    Jun 2009
    Location
    Bogor
    Posts
    123
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    [ask] mikrotik sebagai openvpn client

    saya punya config openvpn sbb:

     
    Code:
    auth-user-pass pass.txt
    client
    dev tap
    proto tcp
    
    remote 172.17.5.55 443
    connect-retry 5
    
    nobind
    ping 5
    ping-restart 120
    persist-key
    persist-tun
    persist-remote-ip
    mute-replay-warnings
    verb 2
    
    cipher none
    
    <ca>
    -----BEGIN CERTIFICATE-----
    MIIDVTCCAr6gAwIBAgIJAJPg/EU2ITyYMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNV
    BAYTAlVTMQswCQYDVQQIEwJDQTEVMBMGA1UEBxMMU2FuRnJhbmNpc2NvMRUwEwYD
    VQQKEwxGb3J0LUZ1bnN0b24xDjAMBgNVBAMTBWpva2FtMSEwHwYJKoZIhvcNAQkB
    FhJtZUBteWhvc3QubXlkb21haW4wHhcNMTEwNjE5MTM0NTM3WhcNMjEwNjE2MTM0
    NTM3WjB7MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZy
    YW5jaXNjbzEVMBMGA1UEChMMRm9ydC1GdW5zdG9uMQ4wDAYDVQQDEwVqb2thbTEh
    MB8GCSqGSIb3DQEJARYSbWVAbXlob3N0Lm15ZG9tYWluMIGfMA0GCSqGSIb3DQEB
    AQUAA4GNADCarieonlinepxs6LBBTozDzley6/fReXbaHWAUaNJk770OBeEbPN+Z
    IweuYNpKSdkZ9TwaspeVqbBdMTD7KI3GJdKJ1m3+dnssQi+z9lianxB2kNsuAgpe
    x9qXQ9wM3rHumvyzomjhereSZrvblAFBdqxi2MYZMzXZS6tziaUQ7pkxvGFm2wID
    AQABo4HgMIHdMB0GA1UdDgQWBBQ6B/v5LG7odSASmPZzv2JQCC082TCBrQYDVR0j
    BIGlMIGigBQ6B/v5LG7odSASmPZzv2JQCC082aF/pH0wezELMAkGA1UEBhMCVVMx
    CzAJBgNVBAgTAkNBMRUwEwYDVQQHEwxTYW5GcmFuY2lzY28xFTATBgNVBAoTDEZv
    cnQtRnVuc3RvbjEOMAwGA1UEAxMFam9rYW0xITAfBgkqhkiG9w0BCQEWEm1lQG15
    aG9zdC5teWRvbWFpboIJAJPg/EU2ITyYMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcN
    AQEFBQADgYEAnyeNMLh3cAcvpQwllk1vCtBEY0iXjX0g18ZMPf+AfgiCNtuSbT9U
    mAVzM/sj+M+twgI6KtD1re8U/8ZsGZqf/LT+ZPSKjMy6kXvOQ1Rh8ja/aIhA1hZO
    z0SL0Jm9E+DnNx7O4bT57zJwyTCjR89XlOi+rziDDDAlPnp8ctB4T3M=
    -----END CERTIFICATE-----
    </ca>


    klo di linux client cukup dijalankan pake perintah
    sudo openvpn 443.conf

    nah saya mau agar mikrotik juga bisa connect ke openvpn tsb gimana yah?

    nb:
    openvpn tsb tidak pake certificate per user, cukup ca.crt plus username dan password
    Last edited by arieonline; 22-10-2012 at 16:54.

  2. #2
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0
    tutor bahasa inggris?
    ada nih


  3. #3
    Status
    Offline
    arieonline's Avatar
    Member
    Join Date
    Jun 2009
    Location
    Bogor
    Posts
    123
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by Anto.PJ Click here to enlarge
    tutor bahasa inggris?
    ada nih

    sebelum buka trid sudah saya ikuti tutorial tsb, namun hasil nya gagal

    Code:
    > /certificate> print
    Flags: K - decrypted-private-key, Q - private-key, R - rsa, D - dsa 
     0    name="cert1" subject=C=US,ST=CA,L=SanFrancisco,O=Fort-Funston,CN=jokam,
            emailAddress=me@myhost.mydomain 
          issuer=C=US,ST=CA,L=SanFrancisco,O=Fort-Funston,CN=jokam,
           emailAddress=me@myhost.mydomain 
          serial-number="93E0FC4536213C98" email=me@myhost.mydomain 
          invalid-before=jun/19/2011 13:45:37 invalid-after=jun/16/2021 13:45:37 
          ca=yes
    
    > /interface ovpn-client add name="ovpn-out1" connect-to=172.17.5.55 port=443 mode=ethernet user="vpn01" password="ada-ada-aja" profile=default certificate=cert1 cipher=none add-default-route=no
    
    failure: no certificate found
    dalam tutorial tsb client mendapatkan ca.crt , client1.crt , client1.pem

    sedangkan saya hanya punya ca.crt, jadi saya buka thread ini

  4. #4
    Status
    Offline
    yosanpro's Avatar
    Co-Admin
    Join Date
    Nov 2007
    Location
    Bantul, Bantul, Yogyakarta
    Posts
    2,548
    Reviews
    Read 0 Reviews
    Downloads
    11
    Uploads
    4
    Feedback Score
    1 (100%)
    Click here to enlarge Originally Posted by arieonline Click here to enlarge
    sebelum buka trid sudah saya ikuti tutorial tsb, namun hasil nya gagal

    Code:
    > /certificate> print
    Flags: K - decrypted-private-key, Q - private-key, R - rsa, D - dsa 
     0    name="cert1" subject=C=US,ST=CA,L=SanFrancisco,O=Fort-Funston,CN=jokam,
            emailAddress=me@myhost.mydomain 
          issuer=C=US,ST=CA,L=SanFrancisco,O=Fort-Funston,CN=jokam,
           emailAddress=me@myhost.mydomain 
          serial-number="93E0FC4536213C98" email=me@myhost.mydomain 
          invalid-before=jun/19/2011 13:45:37 invalid-after=jun/16/2021 13:45:37 
          ca=yes
    
    > /interface ovpn-client add name="ovpn-out1" connect-to=172.17.5.55 port=443 mode=ethernet user="vpn01" password="ada-ada-aja" profile=default certificate=cert1 cipher=none add-default-route=no
    
    failure: no certificate found
    dalam tutorial tsb client mendapatkan ca.crt , client1.crt , client1.pem

    sedangkan saya hanya punya ca.crt, jadi saya buka thread ini
    Kalau anda mengikuti materi MUM 20-21 Oktober 2012 di jakarta yang baru saja usai, mungkin anda bisa mendapatkan pencerahan dari materi pembahasan om Faisal Reza di hari pertama:

    Low cost Secure VPN : MikroTik SSTP over OpenIXP (Indonesian Internet) by Faisal Reza (Indonesia)

    Meskipun pembahasan di atas menggunakan SSTP, tetapi pointnya sebetulnya hampir sama, dan yang anda permasalahkan adalah generate certificate yang juga dibahas oleh om Faisal Reza, dimana beliau menggunakan openssl running di ubuntu/debian. cmiiw

    Untuk tutorialnya anda bisa menunggu materi MUM tahun ini dipublish oleh Mikrotik.
    A person's junk is another person's treasure.

  5. #5
    Status
    Offline
    si_faisal's Avatar
    Contributor
    Join Date
    Jul 2008
    Location
    Jakarta & Sukabumi
    Posts
    485
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    flag certificate di mikrotik nya harus KR
    import juga ca.key nya

    silahkan dicoba lagi
    oh ya sekedar mengingatkan, ovpn di mikrotik gak support UDP dan kompresi LZO

    cmiiw

  6. #6
    Status
    Offline
    arieonline's Avatar
    Member
    Join Date
    Jun 2009
    Location
    Bogor
    Posts
    123
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by yosanpro Click here to enlarge
    Kalau anda mengikuti materi MUM 20-21 Oktober 2012 di jakarta yang baru saja usai, mungkin anda bisa mendapatkan pencerahan dari materi pembahasan om Faisal Reza di hari pertama:

    Low cost Secure VPN : MikroTik SSTP over OpenIXP (Indonesian Internet) by Faisal Reza (Indonesia)

    Meskipun pembahasan di atas menggunakan SSTP, tetapi pointnya sebetulnya hampir sama, dan yang anda permasalahkan adalah generate certificate yang juga dibahas oleh om Faisal Reza, dimana beliau menggunakan openssl running di ubuntu/debian. cmiiw

    Untuk tutorialnya anda bisa menunggu materi MUM tahun ini dipublish oleh Mikrotik.
    mudah2an ada jalan keluar utk kasus seperti saya ini

    Click here to enlarge Originally Posted by si_faisal Click here to enlarge
    flag certificate di mikrotik nya harus KR
    import juga ca.key nya

    silahkan dicoba lagi
    oh ya sekedar mengingatkan, ovpn di mikrotik gak support UDP dan kompresi LZO

    cmiiw
    nah yg saya bingungkan klo hanya bermodal ca.crt tidak bisa KR flag nya, sehingga Mikrotik nya tidak bisa connect ke server

    tp klo di client Linux sendiri pake ca.crt (plus user dan password) sudah bisa connect (di openvpn servernya ada option client-cert-not-required)

    oh iya di openvpn server nya (Linux Server) tidak menggunakan UDP dan LZO

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Setting OpenVPN di Mikrotik
    By c0nf in forum Tutorial
    Replies: 25
    Last Post: 29-05-2014, 11:31
  2. Setting OpenVPN di Mikrotik
    By c0nf in forum Tutorial
    Replies: 0
    Last Post: 21-10-2011, 04:00
  3. [ask] Monitoring OpenVPN Mikrotik + Problem
    By victor in forum General Networking
    Replies: 2
    Last Post: 18-10-2010, 11:28
  4. VPN dengan OpenVPN di Mikrotik
    By preeos in forum General Networking
    Replies: 6
    Last Post: 19-09-2010, 23:23
  5. [AsK] Jaht WP-4001BR Sebagai Client
    By trovellity in forum Wireless Networking
    Replies: 8
    Last Post: 13-01-2010, 09:38

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •