Configuring openVPN on a Mikrotik router

07.03.2024

vpn mikrotik setup

VPN (Virtual Private Network) is a virtual private network. Thanks to this technology, the user is guaranteed maximum security when connecting to remote networks. With this program you can fully use their resources as if you are connected directly.

To date, many people use VPN. It is no longer a rarity. It is chosen not only by large enterprises for uninterrupted access to different sites, but also by ordinary users of the home network. Thanks to this technology, you can visit different sites without fear of closed access. In addition, no one will know that you were on this resource.

So how to set up a VPN tunnel and connect it to your home network using a MikroTik router.

Step 1: Preparing your Mikrotik Router

Before you can set up a VPN, you need to configure your MikroTik router. For this, you will need a laptop or computer with uninterrupted Ethernet access.

After connecting the device, you need to enter the router interface and open a web browser. In the window that appears, enter the IP address. As a rule, it is 192.168.88.1 or 192.168.1.1. Enter login credentials (admin/blank by default).

When configuring the router, it is mandatory to check if the firmware is up to date. If necessary, it should be updated to work with the device was stable and safe.

After that we proceed to the basic parameters. You need to set:

  • device name;
  • Wi-Fi password;
  • time zone.

When choosing a password, do not forget about security. Use only strong variants.

Now you can start configuring interfaces and routing. To do this, you need to define IP addresses and set routing rules to ensure connection to the network. And the security of the network can be ensured by configuring the firewall. To do this, you need to set the necessary parameters and restrict access from the outside and define rules for filtering traffic.

DHCP and DNS configuration plays an important role. Activate the DHCP server to automatically assign IP addresses to devices on the network. Specify DNS for proper name resolution. Enable device monitoring, set up event logging to track activity and resolve issues.

In the last step of setup, enter all saved configurations. This will allow you to quickly restore the device in case of failure or changes.

Step 2: Install OpenVPN

What is OpenVPN and how do you set it up? A question that many people are interested in. Setting up openvpn mikrotik consists of several very important steps. following the clear instructions you will definitely succeed. The only nuance is that the steps are slightly different depending on which version of RouterOS is installed and the specific model of MikroTik router.

The first step is to enter the interface of the MikroTik router. To do this, open a web browser and enter the IP address of your MikroTik router in the address bar. The default is `192.168.88.1`. Don’t forget to make sure that you have the latest version of RouterOS installed on your device. You can download the latest version on the official website.

configuring openvpn mikrotik

Step 3: Configuring the Mikrotik VPN Server

Next, we log into the MikroTik router interface and go to the “System” – “Packages” section. Then we select “Check For Updates” and update the package. When finished, we install the OpenVPN package.

And now begins the direct configuration of vpn mikrotik:

  • Go to “PPP” – “Interface”;
  • click “Plus” to mikrotik vpn client to configure a new interface and select the type “OVPN Client”;
  • fill in the required fields such as “Name”, “Connect To”, “User”, and “Password”. At this point, it is important to make sure that you have entered the correct credentials from your OpenVPN server.

Mikrotik openvpn routing needs some rules. To do this, go to the “IP” – “Firewall” section and create a NAT rule. This is necessary to allow OpenVPN traffic to pass through your router. Also, don’t forget to create a filter rule to allow OpenVPN traffic.

To check the mikrotik connection to the vpn server, you need to go to “PPP” – “Interface” and select the OpenVPN interface you created. This way you will check your status.

Configuring a VPN Between Two Mikrotiks

Mikrotik vpn setup between offices is not as complicated as it may seem at first glance. The main thing is to adhere to a strict order of actions. Do not forget about security, which is extremely important in the process of configuring the VPN.

Configuration on the first MikroTik:

  • log into the MikroTik web interface through a browser, using the IP address of your device;
  • go to the “Interfaces” menu and add a new L2TP client interface;
  • add a new IPsec protocol;
  • configure IPsec policy;
  • configure IPsec profile;
  • configure IPsec peer for the second MikroTik.

Configure on the second MikroTik:

  • add the L2TP client interface in the same way;
  • add the same IPsec protocol;
  • configure the same IPsec policy;
  • use the same IPsec profile;
  • configure the IPsec peer for the first MikroTik.

If all the above steps are performed correctly, a VPN tunnel between the two MikroTiks will be established. Be sure to adapt the settings to your specific network configuration and security requirements.

Connecting openvpn offices between Mikrotiks

Mikrotik vpn server configuration will not take long either. The main thing is to follow all the rules.

mikrotik vpn server setup

Step 4: Add rules

1

So, let’s get started:

  • Open Winbox or log in to MikroTik via terminal;
  • go to the “IP” – “Firewall” menu;
  • find and click on the “Filter Rules” tab.
2

Create a new rule to handle OpenVPN traffic:

  • click the “Add New” button;
  • go to the “Chain” section and select “input”;
  • in the “Protocol” section select “udp” or “tcp”. It depends on what protocol you are using for OpenVPN, as a rule users choose UDP;
  • under “Dst. Port” specify the port we configured for OpenVPN. The default is 1194;
  • click on “Action” and set “Accept”. After performing these steps, we save all the entered parameters.
3

Now proceed to create a rule to send traffic that will be routed through OpenVPN. To do this:

  • click the “Add New” button;
  • go to the “Chain” section and select “forward”;
  • under “Protocol” select “udp” or “tcp”. It depends on the OpenVPN protocol;
  • if necessary, specify the port;
  • click “Action” and set “Accept”. Be sure to save all changes.

Step 5: Routing from OpenVPN to Mikrotik

To do this, we go to the “IP” – “Routes” menu and click on the “Add New” button. Go to “Dst. Address” and specify the subnet on the remote office that you want to reach via VPN.

Go to the “Gateway” section and select the OpenVPN interface. Then click “OK” and save the changes.

With these simple rules, you will be able to configure filtering and routing rules for OpenVPN on MikroTik. For proper operation, make sure that similar routing and filtering rules are configured on both ends of the connection.

You can find a lot of useful information on the LTESocks project website. You can also find out what mobile proxies are. The project offers everyone a free trial version.

 

FAQ

1. What role does OpenVPN play in a Mikrotik setup?

  • The software is necessary to establish a connection between computers and the router. It allows you to establish connections between computers behind a NAT-firewall without having to change their settings.

2. Can I set up a VPN between offices with Mikrotik routers?

  • Yes, of course. You need to select: “Set up a new connection – Connect to workplace – Connect to VPN”. Next, enter the IP address of the VPN server to which the connection will be made and give the connection a name. Enter the username and password, and then connect to the remote VPN server.

3. How many vpn connections can be created simultaneously in Mikrotik?

  • Depends on the router model and settings.

Read next

All article