Certificates on Mikrotik’s RouterOS can be managed through the web interface or the Winbox software. Below are basic guidelines for configuring a CA to get you started.
Configure the CA
Firstly, create a certificate to be used for CA (Certificate Authority) signing, then self-sign it: System -> Certificates -> Add New -> Name … Continue reading Managing Certificates on Mikrotik Router with Winbox
Category Archives: Networking
Draytek 2700G DNS suffix
On the Draytek 2700G ADSL router, to add a DNS suffix to the DHCP server, use the following command in a telnet session to the router:
>sys domainname mydomain.local
You can also define a hostname for the router, e.g.:
>sys name gw.mydomain.local
The changes are saved automatically.
Valid push dhcp-options for OpenVPN
push "dhcp-option DNS 192.168.1.10"
push "dhcp-option WINS 192.168.1.10"
push "dhcp-option DOMAIN mydomain.local"
In pfSense these options should be set on the OpenVPN “server” settings; they do not need to be in the client’s config file.
PPTP routes on Linux
Using the pptp-linux client to establish PPTP connections does not automatically generate a route that makes the remote network subnet fully accessible; it only creates the host-to-host link. If you don’t wish to set the defaultroute option, you can use the following script to create a 24-bit subnet route:
/etc/ppp/ip-up.d/pptp-route:
SUBNET=`echo $PPP_LOCAL | awk -F . ‘#39;`route add … Continue reading PPTP routes on Linux
pfSense IPSEC issues
If you have problems getting an IPSEC tunnel to connect using pfSense at one end, check the firewall rules. On the WAN interface there should be rules to pass:
ISAKMP (UDP port 500)
NAT-T (UDP port 4500)
This will allow the VPN to connect; additional firewall rules on the IPSEC interface may be required to allow traffic, … Continue reading pfSense IPSEC issues