OpenVPN between Mikrotik and OpenWRT
This is a page of details, for the intro and how to set up Windows and Linux clients, see OpenVPN.
I am writing this while testing with two three virtual machines on a Mac. Once I have the steps down, I will be transferring over to a Buffalo access point running OpenWRT 14.xx and a Mikrotik RB750 running RouterOS 5.27.
I am running my virtual machines on VirtualBox. I use images downloaded from OpenWRT and Mikrotik and install them into very minimal setups. This is handy, they boot FAST and I don't risk cutting myself off from the remote end as I do tests and experiment.
The reasons I chose to use OpenVPN over other options are
- I can directly route packets so I don't need to mess with NAT at one end as with PPTP
- My endpoint is hiding behind several layers of access points and routers that I don't control. OpenVPN works fine in this case.
The virtual network
Plover (Macintosh)
192.168.56.1
LAN (This will be the LAN in my house)
192.168.56.101
VM1 = Router #1, OpenWRT Barrier Breaker
76.0.0.1
Internet
76.0.0.2
VM2 = Router #2, Mikrotik RouterOS 6.23
192.168.2.1
REMOTE LAN (this will be the CDS OFFICE LAN)
192.168.2.2
VM3 = Remote server running Debian
Creating the certificate and key files
I do this on a Ubuntu Linux box, it's the easiest way. I install the easy-rsa package which pulls in the tools needed.
This Mikrotik page has instructions on how to create the keys. Here is an abridged version.
The OpenWRT router
Refer to http://wiki.openwrt.org/doc/howto/vpn.openvpn
The Mikrotik router
Refer to same Mikrotik page as mentioned above, http://wiki.mikrotik.com/wiki/OpenVPN
The "remote" server
I happened to have a generic Debian server installed already in a VirtualBox machine, so I used it as the far end of my network to allow me to test connectivity through the two routers.
