We are finished configuring the server so let's install the CA certificate that we Exported before: If your provider does not provide private IPs then you'll have to add a couple more lines to your Terminal (change X with your subnet) and of course you'll have to your subnet to IP>Addresses: /ip firewall filterĪdd action=accept chain=input src-address=XX.XX.XX.XX/XXĪdd action=accept chain=forward src-address=XX.XX.XX.XX/XX Last step here is to open ''New Terminal" and paste the following (change the subnet with your own): /ip firewall natĪdd action=masquerade chain=srcnat out-interface=ether1 src-address=172.31.46.215/20Īdd action=drop chain=input connection-state=new dst-port=53 in-interface=ether1 protocol=udpĪdd action=drop chain=input connection-state=new dst-port=53 in-interface=ether1 protocol=tcp
Now we will enable the SSTP Server in PPP>Interface> then SSTP Server: Then we go to PPP and create a new profile:Īfter creating the profile we will create a new client in PPP>Secrets: Then we have to create IP Pool for our VPN Server (I'm using the following pool 172.31.46.216-172.31.46.226)
Now we'll Export the CA certificate to be used on the client side later: Now we will have to sign both CA & Server certificates then make sure that "Server" certificate is Trusted : Then we will have to create Server certificate:
Hostname= .comįirst we will have to create the CA certificate: Here is the network configs for the VPS used in this tutorial: I will show you how to configure SSTP Server on MikroTik CHR I know that there is other ways to install SSTP Server but this one is very easy if you can get a VPS with MikroTik OS or a KVM and install MikroTik CHR free license (connection is limited to 1Mbit) or paid licenses it's not that expensive if you can pick it in an offer
0 kommentar(er)
