OpenVPN [Server] on a Routerboard RB750 - R-OS 5.7

mh348

Expert Member
Joined
Jun 2, 2006
Messages
4,189
I recently upgraded my firmware on my RB70 from 4.16 to 5.7 and see that the OpenVPN server now has a configuration window similar to the PPTP...

I was wondering if it can all be configured via this gui or do you still have to do it via the CLI..

I have pptp working, but would like to try out openvpn.. If anyone has a working openvpn (on RB) please help..
 

eXeBuG

Active Member
Joined
Apr 3, 2007
Messages
35
I used to use OVPN over my mikrotiks for my inter office vpn's still have the config though, currently I use L2TP which is way more stable

Can you give me more info then 'n can give you full config's

OVPN,SSTP,L2TP and PPTP
 

@udiS3

Senior Member
Joined
Feb 4, 2008
Messages
503
Something to keep in mind:
The OpenVPN implementation on MikroTik doesn't push down routes as yet...
 

mh348

Expert Member
Joined
Jun 2, 2006
Messages
4,189
Something to keep in mind:
The OpenVPN implementation on MikroTik doesn't push down routes as yet...

So i'll have to manually add the routes ?

I wrote a bunch of HOWTOs for OpenVPN on Mikrotik RouterOS.
http://daffy.za.net/2010/02/openvpn-mini-guides-mikrotik-routeros-vpn-server/ is for running an OpenVPN Server on RouterOS.

Thanks for the link, I'll try this tonight.. You guide looks quite easy compared to the other guides/wiki that I have found online.. With the R-os 5.7 do you still have to add the ppp (openvpn server) profile, as there is now a "OVPN Server" option.

rb750_ppp_openvpn.png
 

@udiS3

Senior Member
Joined
Feb 4, 2008
Messages
503
So i'll have to manually add the routes ?

If you creating a point to point link then you should be okay. However if you planning
on having devices behind the ovpn client able to communicate over the vpn
then you will have to manually route these...
 

daffy

Expert Member
Joined
Jun 24, 2004
Messages
1,134
So i'll have to manually add the routes ?
If the other endpoint is a PC, then yes. If the other end is another Router, then you can look at running some sort of dynamic routing protocol on it, like OSPF.

With the R-os 5.7 do you still have to add the ppp (openvpn server) profile, as there is now a "OVPN Server" option.

rb750_ppp_openvpn.png

You need to enable the OVPN Server so it listens for connections. And if you want to keep things easily manageable, set up a separate profile.
 

mh348

Expert Member
Joined
Jun 2, 2006
Messages
4,189
I've finally setup my openvpn server and my other routers connecting to the server fine.. I need a script for the client routers to update the server address..

I have a script that I used with pptp but it needs some modification to work with open vpn... Can someone tell me what to change, I'm guessing its the last 2 lines by the interface (type)..

:local "vpn-interface-name" "pptp-home"
:local "vpn-dns-name" "vpn.mh****.co.za"
:local "new-vpn-ip" [:resolve $"vpn-dns-name"]
:local "current-vpn-ip" [/interface pptp-client get $"vpn-interface-name" connect-to]
:if ($"current-vpn-ip" != $"new-vpn-ip") do={ /interface pptp-client set [find name=$"vpn-interface-name"] connect-to=$"new-vpn-ip"}
 

mh348

Expert Member
Joined
Jun 2, 2006
Messages
4,189
Ignore previous post.. I finally got it working :D

:local "vpn-interface-name" "ovpn-home"
:local "vpn-dns-name" "vpn.mh****.co.za"
:local "new-vpn-ip" [:resolve $"vpn-dns-name"]
:local "current-vpn-ip" [/interface ovpn-client get $"vpn-interface-name" connect-to]
:if ($"current-vpn-ip" != $"new-vpn-ip") do={ /interface ovpn-client set [find name=$"vpn-interface-name"] connect-to=$"new-vpn-ip"}

I just edited the interface type and it works :)
 

mh348

Expert Member
Joined
Jun 2, 2006
Messages
4,189
Does anyone have a working config file for Windows Clients.. The server will be my RB750 and I want to also connect from Windows PC's. .
 
Top