WinBox
/certificate
add name=ca common-name=ca days-valid=3650 key-size=2048 key-usage=crl-sign,key-cert-sign
add name=server common-name=server days-valid=3650 key-size=2048 key-usage=digital-signature,key-encipherment,tls-server
add name=client common-name=client days-valid=3650 key-size=2048 key-usage=tls-client
client nem, többi trusted
/certificate
sign ca name=ca
sign server name=server ca=ca
sign client name=client ca=ca
/certificate
export-certificate ca-certificate export-passphrase=""
export-certificate client-certificate export-passphrase=[tanusitvanyjelszo]
/ip
pool add name="ovpn" ranges=192.168.90.10-192.168.90.50
/ppp
profile add name="ovpn" use-encryption=yes local-address=192.168.90.1 dns-server=192.168.90.1 remote-address=ovpn
secret add name=[felhasználónév] profile=vpn-profile password=[jelszó]
/interface ovpn-server server
set default-profile=ovpn certificate=server require-client-certificate=yes auth=sha1 cipher=aes256 enabled=yes
/ip firewall filter
add chain=input protocol=tcp dst-port=1194 action=accept place-before=0 comment="OpenVPN"
kapcsolat.ovpn
client
dev tun
proto tcp-client
remote [szerver IP címe/domainje]
port 1194
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
ca ca.crt
cert client.crt
key client.key
verb 4
mute 10
cipher AES-256-CBC
auth SHA1
auth-user-pass auth.cfg
auth-nocache
redirect-gateway def1
auth.cfg
[felhasználónév]
[jelszó]