Tuesday, 29 December 2015

Mikrotik - Site to site OpenVPN using Mikrotik RouterOS routers

I recently needed to set up a VPN between two sites using Mikrotik routers.  Whilst I'm reasonably familiar with OpenVPN, I'm a newcomer to Mikrotik routers so I had to do a fair bit of reading up to figure out how to get this to work how I wanted.

I found lots of how-to guides already but none really matched what I wanted to achieve and quite a few seemed pretty out of date, with commands for RouterOS that no longer work.

What I wanted to end up with is something like this:



So fairly standard for a VPN but I was keen that once set up, it just keeps working.  Things at Site A on 192.168.88.0/24 subnet should be able to access things at Site B on the 192.168.89.0/24 subnet automatically.  It also needed to survive a reboot of either router.

One big stumbling block I ran into with OpenVPN on Mikrotiks is that they don't support push-route so you can get the VPN server to push routes to the client(s).  So in the end I had to set up static IPs for the VPN to use (on the 10.9.9.50/32 subnet) and static routes by IP address.

Worth noting that the Mikrotik routers also don't support OpenVPN over UDP but this wasn't an issue for me.

Monday, 28 December 2015

Mikrotik - VPN Redundancy

Companies often have link redundancy at headquarters and a VPN connection to the branch offices, but the clients of that connection usually point only to the primary link, and when it goes down... no VPN for anyone!!!

Mikrotik - VPN links

http://wiki.mikrotik.com/wiki/Tunnels

--- dual ipsec
http://forum.mikrotik.com/viewtopic.php?t=11174 

--- to evaluate
https://supportforums.cisco.com/discussion/11851686/cisco-mikrotik-site-site-ipsec-tunnel


--- Mikrotik is not a good IPsec VPN concentrator...
--- it does not work well in hub-and-spoke because it does not correctly accept multiple peers with dynamic IP addresses.

http://forum.mikrotik.com/viewtopic.php?t=7021

--- a good example of VPN documentation
http://www.yamaha.com/products/en/network/settings/mikrotik_ipsec_aggressive/


--- Cisco VPN with Mikrotik
https://supportforums.cisco.com/discussion/11851686/cisco-mikrotik-site-site-ipsec-tunnel


--- wiki IPSEC pre-shared-key-xauth
http://forum.mikrotik.com/viewtopic.php?t=76481

--- a very succinct link
http://techtmblog.blogspot.com.br/2014/11/internet-protocol-security-ipsec-on.html