ikev2 vpn | Kadmin

Apr 01

Mikrotik IKEv2 VPN

By kadmin Kadmin, Mikrotik, PowerShell, VPN, Windows No Comments

Создание сертификатов CA, сервера и клиента.

/certificate add name=CA country=RU state=SPb locality=SPb organization=ORG common-name=vpn.domain.ru subject-alt-name=DNS:vpn.domain.ru key-size=2048 days-valid=3650 key-usage=digital-signature,key-encipherment,data-encipherment,key-cert-sign,crl-sign
/certificate sign CA
/certificate add name=vpn.domain.ru country=RU state=SPb locality=SPb organization=ORG common-name=vpn.domain.ru subject-alt-name=DNS:vpn.domain.ru key-size=2048 days-valid=3650 key-usage=tls-server
/certificate sign vpn.domain.ru ca=CA
/certificate add name=chelovek@domain.ru country=RU state=SPb locality=SPb organization=ORD common-name=chelovek@domain.ru subject-alt-name=email:chelovek@domain.ru key-size=2048 days-valid=3650 key-usage=tls-client
/certificate sign chelovek@domain.ru ca=CA
/certificate export-certificate chelovek@domain.ru type=pkcs12 export-passphrase=12345678

/certificate add name=CA country=RU state=SPb locality=SPb organization=ORG common-name=vpn.domain.ru subject-alt-name=DNS:vpn.domain.ru key-size=2048 days-valid=3650 key-usage=digital-signature,key-encipherment,data-encipherment,key-cert-sign,crl-sign

/certificate sign CA

/certificate add name=vpn.domain.ru country=RU state=SPb locality=SPb organization=ORG common-name=vpn.domain.ru subject-alt-name=DNS:vpn.domain.ru key-size=2048 days-valid=3650 key-usage=tls-server

/certificate sign vpn.domain.ru ca=CA

/certificate add name=chelovek@domain.ru country=RU state=SPb locality=SPb organization=ORD common-name=chelovek@domain.ru subject-alt-name=email:chelovek@domain.ru key-size=2048 days-valid=3650 key-usage=tls-client

/certificate sign chelovek@domain.ru ca=CA

/certificate export-certificate chelovek@domain.ru type=pkcs12 export-passphrase=12345678

Конфигурация IPSec IKEv2 на Mikrotik
Read More