Topology: net30 - Isolated /30 network per client In this way, worked perfectly, the two sites are communicating perfectly.Ĭompression: Omit Preference (Use OpenVPN Default) Import all of them from System/Certificates.Ĭonnect To: 1.1.1.1 (Your IP PFSense VPN Server) Topology: Subnet - One IP address per clientĬopy two certificate files and the key file to Files. Hardware Crypto: No Hardware Crypto Aceleration Export "CA cert" file (my-ca.crt).Įncryption algorithm: AES-256-CBC (256 bit key, 128 bit block) I had the same problem the LAN behind pfsense could not communicate with the LAN behind the Mikrotik.Īfter some modifications, I was successful and it worked perfectly.Ĭreate new CA (vpn-tunnel-ca). The PFsense site cannot connect to mikrotik site. It works as expected - I can ping workstations from both sides of the tunnel. It works as expected - I can ping workstations from both sides of the works now, here my mini howto: PPP -> Interface - create new OVPN Client:
Import all of them from System/Certificates.Ģ. Copy two certificate files and the key file to Files. Peer Certificate Authority: vpn-tunnel-caĤ. TLS Authentication: (clear checkbox, MikroTik doesn't support shared TLS key) Export cert and key files for client certificate (mik-vpn.crt and mik-vpn.key). System -> Cert Manager -> CertificatesĬreate two certificates (use CA created above) - one for the VPN Server (vpn-tunnel) and one for the MikroTik client (mik-vpn). My task: site-to-site between pfSense and MikroTik:ġ92.168.151.0/24 -> (pfSense 1.1.1.1) -> Internet Cert Manager -> CAsĬreate new CA ( vpn-tunnel-ca). I know that I miss something big, but I'm new to MikroTik and can't find any useful information about this.
If I add to MikroTik NAT rule (srcnat, vpn-tunnel, masquerade) it works, but I want to use site-to-site connection. But ping from workstations behind the MikroTik does not work at all. The tunnel is up, MikroTik is connected and from the terminal ping to 192.168.151.7 works. PfSense is OpenVPN server, Peer to Peer - (SSL/TLS), IPv4 Tunnel Network 10.30.30.0/29, IPv4 Local Network: 192.168.151.0/24, IPv4 Remote Network: 192.168.14.0/24.įrom MikroTik side: PPP - OVPN Client, Mode: ip. I use only pfSense for my site-to-site connections, but now I want to use on some remote sites MikroTik. I need some help with site-to-site OpenVPN configuration.
0 kommentar(er)
