Av. Circular, Nº. 1192 - Goiânia contato[@]cuidadodigital.com.br
Estamos pronto para ajudar o seu negócio crescer.

OpenVPN no Mikrotik com Cliente Windows

Gerando Certificados

 
/certificate add name=ca country="BR" state="GO" locality="GOIANIA" organization="CUIDADO DIGITAL" unit="MATRIZ GOIANIA" \ common-name="ca" key-size=4096 days-valid=3650 key-usage=crl-sign,key-cert-sign /certificate sign ca ca-crl-host=127.0.0.1 name="ca" /certificate add name=servidor country="BR" state="GO" locality="GOIANIA" organization="CUIDADO DIGITAL" unit="MATRIZ GOIANIA" \ common-name="servidor" key-size=4096 days-valid=1095 key-usage=digital-signature,key-encipherment,tls-server /certificate sign servidor ca="ca" name="servidor" /certificate add name=delcain country="BR" state="GO" locality="GOIANIA" organization="CUIDADO DIGITAL" unit="MATRIZ GOIANIA" \ common-name="delcain" key-size=4096 days-valid=3650 key-usage=tls-client /certificate add name=usuario1 copy-from="delcain" common-name="usuario1" /certificate add name=usuario2 copy-from="delcain" common-name="usuario2" /certificate add name=usuario3 copy-from="delcain" common-name="usuario3" /certificate sign delcain ca="ca" name="delcain" /certificate sign usuario1 ca="ca" name="usuario1" /certificate sign usuario2 ca="ca" name="usuario2" /certificate sign usuario3 ca="ca" name="usuario3" /certificate export-certificate ca export-passphrase="" /certificate export-certificate delcain export-passphrase="" /certificate export-certificate mariajose export-passphrase="" /certificate export-certificate fabricio export-passphrase="" /certificate export-certificate dante export-passphrase=""

Configurando Servidor OpenVPN

Passo 1- Criar Pool de IPS                 Passo 2 - Habilitar Serviço OpenVPN               Passo 3 - Configurar Profile para               Passo 5 -  Criar Contas de Usuários                

Configurado Clientes Windows

Após instalar cliente OpenVPN configurar cliente com a seguintes diretivas
client dev tun proto tcp-client remote vpn.cuidadodigital.com.br 1194 nobind persist-key persist-tun tls-client ca cert_export_ca.crt cert cert_export_delcain.crt key cert_export_delcain.key ping 10 verb 3 ;push "route 192.168.200.0 255.255.255.0 192.168.201.1" push "dhcp-option DNS 192.168.200.6" push "dhcp-option DOMAIN cuidadodigital.com.br" cipher AES-256-CBC auth SHA1 auth-user-pass auth.cfg auth-nocache redirect-gateway def1