SlideShare a Scribd company logo

Encryption Workshop: Configuring SSTP & OVPN on MikroTik Router

T
todangkhoa

d

Devices & Hardware
1 of 29
Download to read offline
Welcome to this Workshop! First, some basic concepts about encryption …..
• As you know, to unlock or even lock anything like a door you need a key. • This applies to computer networks, too. • There are two encryption methods in computer networks.  Symmetric Encryption  Asymmetric Encryption
One of the most common Asymmetric Encryption methods is using computer certificates. In this method, we need to provide a certificate from a well-known Certificate Authority (CA) and import it to our "Local Computer Personal Certificate Store”. After importing, we can use it to encrypt and sign our data. *Note: you should have your CA, public key certificate in your “Trusted Certificate Authority” list.
How certificates work and help us to encrypt our data in “HTTPS-(SSL)” communications…
Let`s go to implementing SSTP & OVPN on our MikroTik RouterBoard as a Server and Microsoft Windows as a Client ……
Imagine that our Network Topology is:
• First, basic configurations are set, including IP address, MikroTik identity (Name), admin password, …. • Then, as a first step of implementation, we should configure SNTP and MikroTik Clock, because validity time is very important in issuing and using a certificate. (See next slide)
Configuring MikroTik Clock & SNTP Settings
• Now as a second step, we need to create a CA Certificate and issue a certificate for our SSTP and OVPN Server and finally sign it with our CA Certificate. • After that we should export CA Public Key to import it to our client’s “Trusted Root Certification Authorities” List. (See next slides)
Providing CA & Server Certificates
Signing Certificates
Exporting CA Public Key
Importing CA Public Key to Client Local Certificate Store (Trusted Root Certification Authorities List)
• Now as a third step, we should create an IP Pool, a PPP Profile and PPP Secret which should be used with Server Certificate in Configurations after enabling SSTP and OVPN. • Finally, in Server Configurations, we should enable “ARP Proxy” on our MikroTik Router “Local Network” Interface. • It’s required to remotely access Local Network. (See next slides)
Providing Same “IP Pool” for SSTP & OVPN Clients
Creating “PPP Profile” for SSTP & OVPN Connections
Creating “PPP Secret” for SSTP & OVPN Connections
Enabling & Configuring SSTP Server
Enabling & Configuring OVPN Server
Enabling “ARP Proxy” on Local Interface
• After all server configurations are completed, we should configure the client side. • To configure a Microsoft Windows operating system as a SSTP Client, a VPN connection should first be created and “VPN type” should be changed to “SSTP”. • To configure a Microsoft Windows operating system as an “OVPN Client”, some OVPN client applications such as “OPEN VPN GUI” should be installed and then provide a Config File that includes client configurations and finally use it to connect to your OVPN server. *Tip: (You can use Sample Configuration file that is located in "sample-config" folder and modify it according to your server configurations. (See next slides)
Configuring SSTP Client on Microsoft Windows
Connecting to the MikroTik SSTP Server
Connecting to the MikroTik OVPN Server
Thank You! Powered by: Pooria Taabbodi ptaabodi@hotmail.com

Recommended

Demystifying Software Defined Networking (SDN)
Demystifying Software Defined Networking (SDN)Demystifying Software Defined Networking (SDN)
Demystifying Software Defined Networking (SDN)Matt Bynum
 
Python for the Network Nerd
Python for the Network NerdPython for the Network Nerd
Python for the Network NerdMatt Bynum
 
Calico and juju
Calico and jujuCalico and juju
Calico and jujuAnirban Sen Chowdhary
 
Sqlviking
SqlvikingSqlviking
SqlvikingJonn Callahan
 
Linux routing and firewall for beginners
Linux routing and firewall for beginnersLinux routing and firewall for beginners
Linux routing and firewall for beginnersn|u - The Open Security Community
 
y3dips hacking priv8 network
y3dips hacking priv8 networky3dips hacking priv8 network
y3dips hacking priv8 networkidsecconf
 
MQTT - REST Bridge using the Smart Object API
MQTT - REST Bridge using the Smart Object APIMQTT - REST Bridge using the Smart Object API
MQTT - REST Bridge using the Smart Object APIMichael Koster
 
Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...
Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...
Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...Neeraj Kumar
 

Recommended

Demystifying Software Defined Networking (SDN)
Demystifying Software Defined Networking (SDN)Demystifying Software Defined Networking (SDN)
Demystifying Software Defined Networking (SDN)Matt Bynum
 
Python for the Network Nerd
Python for the Network NerdPython for the Network Nerd
Python for the Network NerdMatt Bynum
 
Calico and juju
Calico and jujuCalico and juju
Calico and jujuAnirban Sen Chowdhary
 
Sqlviking
SqlvikingSqlviking
SqlvikingJonn Callahan
 
Linux routing and firewall for beginners
Linux routing and firewall for beginnersLinux routing and firewall for beginners
Linux routing and firewall for beginnersn|u - The Open Security Community
 
y3dips hacking priv8 network
y3dips hacking priv8 networky3dips hacking priv8 network
y3dips hacking priv8 networkidsecconf
 
MQTT - REST Bridge using the Smart Object API
MQTT - REST Bridge using the Smart Object APIMQTT - REST Bridge using the Smart Object API
MQTT - REST Bridge using the Smart Object APIMichael Koster
 
Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...
Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...
Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...Neeraj Kumar
 
Puppet for Networking - Junos
Puppet for Networking - JunosPuppet for Networking - Junos
Puppet for Networking - JunosPuppet
 
Vital Aspects of SSL Support in MySQL
Vital Aspects of SSL Support in MySQLVital Aspects of SSL Support in MySQL
Vital Aspects of SSL Support in MySQLLesa Cote
 
Managing enterprise client deployment with p2
Managing enterprise client deployment with p2Managing enterprise client deployment with p2
Managing enterprise client deployment with p2Thomas Kratz
 
How to: node js & micro-services
How to: node js & micro-servicesHow to: node js & micro-services
How to: node js & micro-servicesMichael Haberman
 
Software for the Internet of Things
Software for the Internet of ThingsSoftware for the Internet of Things
Software for the Internet of ThingsAlexandru Radovici
 
BAUG Meetup #1 2022: Публикация ресурсов в Интернет в Microsoft Azure. Обзор ...
BAUG Meetup #1 2022: Публикация ресурсов в Интернет в Microsoft Azure. Обзор ...BAUG Meetup #1 2022: Публикация ресурсов в Интернет в Microsoft Azure. Обзор ...
BAUG Meetup #1 2022: Публикация ресурсов в Интернет в Microsoft Azure. Обзор ...Dzmitry Durasau
 
WebAccess\NMS v3.0
WebAccess\NMS v3.0WebAccess\NMS v3.0
WebAccess\NMS v3.0Guider Lee
 
Realtime Web Apps: WebSockets & WebRTC
Realtime Web Apps: WebSockets & WebRTC Realtime Web Apps: WebSockets & WebRTC
Realtime Web Apps: WebSockets & WebRTC VivochaLabs
 
Lets Encrypt!
Lets Encrypt!Lets Encrypt!
Lets Encrypt!Joerg Henning
 
Bastion Host : Amazon Web Services
Bastion Host : Amazon Web ServicesBastion Host : Amazon Web Services
Bastion Host : Amazon Web ServicesAkhilesh Joshi
 
Virtual Private Networks
Virtual Private NetworksVirtual Private Networks
Virtual Private Networksprimeteacher32
 
Getting started on IoT with AWS and NodeMCU for less than 5€
Getting started on IoT with AWS and NodeMCU for less than 5€Getting started on IoT with AWS and NodeMCU for less than 5€
Getting started on IoT with AWS and NodeMCU for less than 5€Stylight
 
GÉANT TURN pilot
GÉANT TURN pilotGÉANT TURN pilot
GÉANT TURN pilotMihály Mészáros
 
FIWARE Tech Summit - Building Your Own IoT Agent
FIWARE Tech Summit - Building Your Own IoT AgentFIWARE Tech Summit - Building Your Own IoT Agent
FIWARE Tech Summit - Building Your Own IoT AgentFIWARE
 
Building Open Source IoT Cloud
Building Open Source IoT CloudBuilding Open Source IoT Cloud
Building Open Source IoT Clouddejanb
 
Introduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & SecureIntroduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & SecureBrian Ritchie
 
Upcoming Products, Services and Features - Workshop by Praveen Umanath
Upcoming Products, Services and Features - Workshop by Praveen UmanathUpcoming Products, Services and Features - Workshop by Praveen Umanath
Upcoming Products, Services and Features - Workshop by Praveen UmanathResellerClub
 
Shameful secrets of proprietary network protocols
Shameful secrets of proprietary network protocolsShameful secrets of proprietary network protocols
Shameful secrets of proprietary network protocolsSlawomir Jasek
 
Chapter 8 overview
Chapter 8 overviewChapter 8 overview
Chapter 8 overviewali raza
 
Fiware cloud developers week brussels
Fiware cloud developers week brusselsFiware cloud developers week brussels
Fiware cloud developers week brusselsFernando Lopez Aguilar
 
Cisco iso based CA (certificate authority)
Cisco iso based CA (certificate authority)Cisco iso based CA (certificate authority)
Cisco iso based CA (certificate authority)Netwax Lab
 
A.java
A.javaA.java
A.javaJahnaviBhagat
 

More Related Content

What's hot

Puppet for Networking - Junos
Puppet for Networking - JunosPuppet for Networking - Junos
Puppet for Networking - JunosPuppet
 
Vital Aspects of SSL Support in MySQL
Vital Aspects of SSL Support in MySQLVital Aspects of SSL Support in MySQL
Vital Aspects of SSL Support in MySQLLesa Cote
 
Managing enterprise client deployment with p2
Managing enterprise client deployment with p2Managing enterprise client deployment with p2
Managing enterprise client deployment with p2Thomas Kratz
 
How to: node js & micro-services
How to: node js & micro-servicesHow to: node js & micro-services
How to: node js & micro-servicesMichael Haberman
 
Software for the Internet of Things
Software for the Internet of ThingsSoftware for the Internet of Things
Software for the Internet of ThingsAlexandru Radovici
 
BAUG Meetup #1 2022: Публикация ресурсов в Интернет в Microsoft Azure. Обзор ...
BAUG Meetup #1 2022: Публикация ресурсов в Интернет в Microsoft Azure. Обзор ...BAUG Meetup #1 2022: Публикация ресурсов в Интернет в Microsoft Azure. Обзор ...
BAUG Meetup #1 2022: Публикация ресурсов в Интернет в Microsoft Azure. Обзор ...Dzmitry Durasau
 
WebAccess\NMS v3.0
WebAccess\NMS v3.0WebAccess\NMS v3.0
WebAccess\NMS v3.0Guider Lee
 
Realtime Web Apps: WebSockets & WebRTC
Realtime Web Apps: WebSockets & WebRTC Realtime Web Apps: WebSockets & WebRTC
Realtime Web Apps: WebSockets & WebRTC VivochaLabs
 
Bastion Host : Amazon Web Services
Bastion Host : Amazon Web ServicesBastion Host : Amazon Web Services
Bastion Host : Amazon Web ServicesAkhilesh Joshi
 
Virtual Private Networks
Virtual Private NetworksVirtual Private Networks
Virtual Private Networksprimeteacher32
 
Getting started on IoT with AWS and NodeMCU for less than 5€
Getting started on IoT with AWS and NodeMCU for less than 5€Getting started on IoT with AWS and NodeMCU for less than 5€
Getting started on IoT with AWS and NodeMCU for less than 5€Stylight
 
FIWARE Tech Summit - Building Your Own IoT Agent
FIWARE Tech Summit - Building Your Own IoT AgentFIWARE Tech Summit - Building Your Own IoT Agent
FIWARE Tech Summit - Building Your Own IoT AgentFIWARE
 
Building Open Source IoT Cloud
Building Open Source IoT CloudBuilding Open Source IoT Cloud
Building Open Source IoT Clouddejanb
 
Introduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & SecureIntroduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & SecureBrian Ritchie
 
Upcoming Products, Services and Features - Workshop by Praveen Umanath
Upcoming Products, Services and Features - Workshop by Praveen UmanathUpcoming Products, Services and Features - Workshop by Praveen Umanath
Upcoming Products, Services and Features - Workshop by Praveen UmanathResellerClub
 

What's hot (17)

Puppet for Networking - Junos
Puppet for Networking - JunosPuppet for Networking - Junos
Puppet for Networking - Junos
 
Vital Aspects of SSL Support in MySQL
Vital Aspects of SSL Support in MySQLVital Aspects of SSL Support in MySQL
Vital Aspects of SSL Support in MySQL
 
Managing enterprise client deployment with p2
Managing enterprise client deployment with p2Managing enterprise client deployment with p2
Managing enterprise client deployment with p2
 
How to: node js & micro-services
How to: node js & micro-servicesHow to: node js & micro-services
How to: node js & micro-services
 
Software for the Internet of Things
Software for the Internet of ThingsSoftware for the Internet of Things
Software for the Internet of Things
 
BAUG Meetup #1 2022: Публикация ресурсов в Интернет в Microsoft Azure. Обзор ...
BAUG Meetup #1 2022: Публикация ресурсов в Интернет в Microsoft Azure. Обзор ...BAUG Meetup #1 2022: Публикация ресурсов в Интернет в Microsoft Azure. Обзор ...
BAUG Meetup #1 2022: Публикация ресурсов в Интернет в Microsoft Azure. Обзор ...
 
WebAccess\NMS v3.0
WebAccess\NMS v3.0WebAccess\NMS v3.0
WebAccess\NMS v3.0
 
Realtime Web Apps: WebSockets & WebRTC
Realtime Web Apps: WebSockets & WebRTC Realtime Web Apps: WebSockets & WebRTC
Realtime Web Apps: WebSockets & WebRTC
 
Lets Encrypt!
Lets Encrypt!Lets Encrypt!
Lets Encrypt!
 
Bastion Host : Amazon Web Services
Bastion Host : Amazon Web ServicesBastion Host : Amazon Web Services
Bastion Host : Amazon Web Services
 
Virtual Private Networks
Virtual Private NetworksVirtual Private Networks
Virtual Private Networks
 
Getting started on IoT with AWS and NodeMCU for less than 5€
Getting started on IoT with AWS and NodeMCU for less than 5€Getting started on IoT with AWS and NodeMCU for less than 5€
Getting started on IoT with AWS and NodeMCU for less than 5€
 
GÉANT TURN pilot
GÉANT TURN pilotGÉANT TURN pilot
GÉANT TURN pilot
 
FIWARE Tech Summit - Building Your Own IoT Agent
FIWARE Tech Summit - Building Your Own IoT AgentFIWARE Tech Summit - Building Your Own IoT Agent
FIWARE Tech Summit - Building Your Own IoT Agent
 
Building Open Source IoT Cloud
Building Open Source IoT CloudBuilding Open Source IoT Cloud
Building Open Source IoT Cloud
 
Introduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & SecureIntroduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & Secure
 
Upcoming Products, Services and Features - Workshop by Praveen Umanath
Upcoming Products, Services and Features - Workshop by Praveen UmanathUpcoming Products, Services and Features - Workshop by Praveen Umanath
Upcoming Products, Services and Features - Workshop by Praveen Umanath
 

Similar to Encryption Workshop: Configuring SSTP & OVPN on MikroTik Router

Shameful secrets of proprietary network protocols
Shameful secrets of proprietary network protocolsShameful secrets of proprietary network protocols
Shameful secrets of proprietary network protocolsSlawomir Jasek
 
Chapter 8 overview
Chapter 8 overviewChapter 8 overview
Chapter 8 overviewali raza
 
Cisco iso based CA (certificate authority)
Cisco iso based CA (certificate authority)Cisco iso based CA (certificate authority)
Cisco iso based CA (certificate authority)Netwax Lab
 
CONFidence 2014: Jakub Kałużny: Shameful secrets of proprietary protocols
CONFidence 2014: Jakub Kałużny: Shameful secrets of proprietary protocolsCONFidence 2014: Jakub Kałużny: Shameful secrets of proprietary protocols
CONFidence 2014: Jakub Kałużny: Shameful secrets of proprietary protocolsPROIDEA
 
Shameful Secrets of Proprietary Network Protocols - OWASP AppSec EU 2014
Shameful Secrets of Proprietary Network Protocols - OWASP AppSec EU 2014Shameful Secrets of Proprietary Network Protocols - OWASP AppSec EU 2014
Shameful Secrets of Proprietary Network Protocols - OWASP AppSec EU 2014Jakub Kałużny
 
Chapter 3 overview
Chapter 3 overviewChapter 3 overview
Chapter 3 overviewali raza
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 10
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 10CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 10
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 10Waqas Ahmed Nawaz
 
Dell PowerEdge Zero Touch Provisioning
Dell PowerEdge Zero Touch ProvisioningDell PowerEdge Zero Touch Provisioning
Dell PowerEdge Zero Touch ProvisioningDell World
 
Ciscorouterasavpnserver 100218045815-phpapp01
Ciscorouterasavpnserver 100218045815-phpapp01Ciscorouterasavpnserver 100218045815-phpapp01
Ciscorouterasavpnserver 100218045815-phpapp01slavenvvv
 
Introduction to Networking Commands & Software
Introduction to Networking Commands & SoftwareIntroduction to Networking Commands & Software
Introduction to Networking Commands & SoftwareMuhammadRizaHilmi
 
A Byte of Software Deployment
A Byte of Software DeploymentA Byte of Software Deployment
A Byte of Software DeploymentGong Haibing
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWSManojAccTest
 

Similar to Encryption Workshop: Configuring SSTP & OVPN on MikroTik Router (20)

Shameful secrets of proprietary network protocols
Shameful secrets of proprietary network protocolsShameful secrets of proprietary network protocols
Shameful secrets of proprietary network protocols
 
Chapter 8 overview
Chapter 8 overviewChapter 8 overview
Chapter 8 overview
 
Fiware cloud developers week brussels
Fiware cloud developers week brusselsFiware cloud developers week brussels
Fiware cloud developers week brussels
 
Cisco iso based CA (certificate authority)
Cisco iso based CA (certificate authority)Cisco iso based CA (certificate authority)
Cisco iso based CA (certificate authority)
 
A.java
A.javaA.java
A.java
 
CONFidence 2014: Jakub Kałużny: Shameful secrets of proprietary protocols
CONFidence 2014: Jakub Kałużny: Shameful secrets of proprietary protocolsCONFidence 2014: Jakub Kałużny: Shameful secrets of proprietary protocols
CONFidence 2014: Jakub Kałużny: Shameful secrets of proprietary protocols
 
Shameful Secrets of Proprietary Network Protocols - OWASP AppSec EU 2014
Shameful Secrets of Proprietary Network Protocols - OWASP AppSec EU 2014Shameful Secrets of Proprietary Network Protocols - OWASP AppSec EU 2014
Shameful Secrets of Proprietary Network Protocols - OWASP AppSec EU 2014
 
Chapter 3 overview
Chapter 3 overviewChapter 3 overview
Chapter 3 overview
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 10
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 10CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 10
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 10
 
Chapter 4--converted.pptx
Chapter 4--converted.pptxChapter 4--converted.pptx
Chapter 4--converted.pptx
 
Dell PowerEdge Zero Touch Provisioning
Dell PowerEdge Zero Touch ProvisioningDell PowerEdge Zero Touch Provisioning
Dell PowerEdge Zero Touch Provisioning
 
Identity service keystone ppt
Identity service keystone pptIdentity service keystone ppt
Identity service keystone ppt
 
6421 b Module-09
6421 b Module-096421 b Module-09
6421 b Module-09
 
Ciscorouterasavpnserver 100218045815-phpapp01
Ciscorouterasavpnserver 100218045815-phpapp01Ciscorouterasavpnserver 100218045815-phpapp01
Ciscorouterasavpnserver 100218045815-phpapp01
 
EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)
 
Vpn
VpnVpn
Vpn
 
Introduction to Networking Commands & Software
Introduction to Networking Commands & SoftwareIntroduction to Networking Commands & Software
Introduction to Networking Commands & Software
 
VPN presentation - moeshesh
VPN presentation - moesheshVPN presentation - moeshesh
VPN presentation - moeshesh
 
A Byte of Software Deployment
A Byte of Software DeploymentA Byte of Software Deployment
A Byte of Software Deployment
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWS
 

Recently uploaded

Call Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up Number
Call Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up NumberCall Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up Number
Call Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up NumberMs Riya
 
(ANIKA) Wanwadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(ANIKA) Wanwadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(ANIKA) Wanwadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(ANIKA) Wanwadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...ranjana rawat
 
Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,
Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,
Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,Pooja Nehwal
 
Vip Noida Escorts 9873940964 Greater Noida Escorts Service
Vip Noida Escorts 9873940964 Greater Noida Escorts ServiceVip Noida Escorts 9873940964 Greater Noida Escorts Service
Vip Noida Escorts 9873940964 Greater Noida Escorts Serviceankitnayak356677
 
Call Girls Delhi {Rohini} 9711199012 high profile service
Call Girls Delhi {Rohini} 9711199012 high profile serviceCall Girls Delhi {Rohini} 9711199012 high profile service
Call Girls Delhi {Rohini} 9711199012 high profile servicerehmti665
 
萨斯喀彻温大学毕业证学位证成绩单-购买流程
萨斯喀彻温大学毕业证学位证成绩单-购买流程萨斯喀彻温大学毕业证学位证成绩单-购买流程
萨斯喀彻温大学毕业证学位证成绩单-购买流程1k98h0e1
 
VIP Call Girls Kavuri Hills ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With ...
VIP Call Girls Kavuri Hills ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With ...VIP Call Girls Kavuri Hills ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With ...
VIP Call Girls Kavuri Hills ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With ...Suhani Kapoor
 
(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...
(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...
(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...ranjana rawat
 
定制宾州州立大学毕业证(PSU毕业证) 成绩单留信学历认证原版一比一
定制宾州州立大学毕业证(PSU毕业证) 成绩单留信学历认证原版一比一定制宾州州立大学毕业证(PSU毕业证) 成绩单留信学历认证原版一比一
定制宾州州立大学毕业证(PSU毕业证) 成绩单留信学历认证原版一比一ga6c6bdl
 
《1:1仿制麦克马斯特大学毕业证|订制麦克马斯特大学文凭》
《1:1仿制麦克马斯特大学毕业证|订制麦克马斯特大学文凭》《1:1仿制麦克马斯特大学毕业证|订制麦克马斯特大学文凭》
《1:1仿制麦克马斯特大学毕业证|订制麦克马斯特大学文凭》o8wvnojp
 
Papular No 1 Online Istikhara Amil Baba Pakistan Amil Baba In Karachi Amil B...
Papular No 1 Online Istikhara Amil Baba Pakistan Amil Baba In Karachi Amil B...Papular No 1 Online Istikhara Amil Baba Pakistan Amil Baba In Karachi Amil B...
Papular No 1 Online Istikhara Amil Baba Pakistan Amil Baba In Karachi Amil B...Authentic No 1 Amil Baba In Pakistan
 
(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
Presentation.pptxjnfoigneoifnvoeifnvklfnvf
Presentation.pptxjnfoigneoifnvoeifnvklfnvfPresentation.pptxjnfoigneoifnvoeifnvklfnvf
Presentation.pptxjnfoigneoifnvoeifnvklfnvfchapmanellie27
 
定制(RHUL学位证)伦敦大学皇家霍洛威学院毕业证成绩单原版一比一
定制(RHUL学位证)伦敦大学皇家霍洛威学院毕业证成绩单原版一比一定制(RHUL学位证)伦敦大学皇家霍洛威学院毕业证成绩单原版一比一
定制(RHUL学位证)伦敦大学皇家霍洛威学院毕业证成绩单原版一比一ss ss
 
如何办理(UCLA毕业证书)加州大学洛杉矶分校毕业证成绩单留信学历认证原版一比一
如何办理(UCLA毕业证书)加州大学洛杉矶分校毕业证成绩单留信学历认证原版一比一如何办理(UCLA毕业证书)加州大学洛杉矶分校毕业证成绩单留信学历认证原版一比一
如何办理(UCLA毕业证书)加州大学洛杉矶分校毕业证成绩单留信学历认证原版一比一ga6c6bdl
 
定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一
定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一
定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一ss ss
 
定制(USF学位证)旧金山大学毕业证成绩单原版一比一
定制(USF学位证)旧金山大学毕业证成绩单原版一比一定制(USF学位证)旧金山大学毕业证成绩单原版一比一
定制(USF学位证)旧金山大学毕业证成绩单原版一比一ss ss
 
Beautiful Sapna Call Girls CP 9711199012 ☎ Call /Whatsapps
Beautiful Sapna Call Girls CP 9711199012 ☎ Call /WhatsappsBeautiful Sapna Call Girls CP 9711199012 ☎ Call /Whatsapps
Beautiful Sapna Call Girls CP 9711199012 ☎ Call /Whatsappssapnasaifi408
 
如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查
如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查
如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查awo24iot
 

Recently uploaded (20)

Call Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up Number
Call Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up NumberCall Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up Number
Call Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up Number
 
(ANIKA) Wanwadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(ANIKA) Wanwadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(ANIKA) Wanwadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(ANIKA) Wanwadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
 
Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,
Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,
Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,
 
Vip Noida Escorts 9873940964 Greater Noida Escorts Service
Vip Noida Escorts 9873940964 Greater Noida Escorts ServiceVip Noida Escorts 9873940964 Greater Noida Escorts Service
Vip Noida Escorts 9873940964 Greater Noida Escorts Service
 
Call Girls Delhi {Rohini} 9711199012 high profile service
Call Girls Delhi {Rohini} 9711199012 high profile serviceCall Girls Delhi {Rohini} 9711199012 high profile service
Call Girls Delhi {Rohini} 9711199012 high profile service
 
萨斯喀彻温大学毕业证学位证成绩单-购买流程
萨斯喀彻温大学毕业证学位证成绩单-购买流程萨斯喀彻温大学毕业证学位证成绩单-购买流程
萨斯喀彻温大学毕业证学位证成绩单-购买流程
 
VIP Call Girls Kavuri Hills ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With ...
VIP Call Girls Kavuri Hills ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With ...VIP Call Girls Kavuri Hills ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With ...
VIP Call Girls Kavuri Hills ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With ...
 
(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...
(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...
(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...
 
定制宾州州立大学毕业证(PSU毕业证) 成绩单留信学历认证原版一比一
定制宾州州立大学毕业证(PSU毕业证) 成绩单留信学历认证原版一比一定制宾州州立大学毕业证(PSU毕业证) 成绩单留信学历认证原版一比一
定制宾州州立大学毕业证(PSU毕业证) 成绩单留信学历认证原版一比一
 
《1:1仿制麦克马斯特大学毕业证|订制麦克马斯特大学文凭》
《1:1仿制麦克马斯特大学毕业证|订制麦克马斯特大学文凭》《1:1仿制麦克马斯特大学毕业证|订制麦克马斯特大学文凭》
《1:1仿制麦克马斯特大学毕业证|订制麦克马斯特大学文凭》
 
Papular No 1 Online Istikhara Amil Baba Pakistan Amil Baba In Karachi Amil B...
Papular No 1 Online Istikhara Amil Baba Pakistan Amil Baba In Karachi Amil B...Papular No 1 Online Istikhara Amil Baba Pakistan Amil Baba In Karachi Amil B...
Papular No 1 Online Istikhara Amil Baba Pakistan Amil Baba In Karachi Amil B...
 
(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
Presentation.pptxjnfoigneoifnvoeifnvklfnvf
Presentation.pptxjnfoigneoifnvoeifnvklfnvfPresentation.pptxjnfoigneoifnvoeifnvklfnvf
Presentation.pptxjnfoigneoifnvoeifnvklfnvf
 
定制(RHUL学位证)伦敦大学皇家霍洛威学院毕业证成绩单原版一比一
定制(RHUL学位证)伦敦大学皇家霍洛威学院毕业证成绩单原版一比一定制(RHUL学位证)伦敦大学皇家霍洛威学院毕业证成绩单原版一比一
定制(RHUL学位证)伦敦大学皇家霍洛威学院毕业证成绩单原版一比一
 
如何办理(UCLA毕业证书)加州大学洛杉矶分校毕业证成绩单留信学历认证原版一比一
如何办理(UCLA毕业证书)加州大学洛杉矶分校毕业证成绩单留信学历认证原版一比一如何办理(UCLA毕业证书)加州大学洛杉矶分校毕业证成绩单留信学历认证原版一比一
如何办理(UCLA毕业证书)加州大学洛杉矶分校毕业证成绩单留信学历认证原版一比一
 
定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一
定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一
定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一
 
定制(USF学位证)旧金山大学毕业证成绩单原版一比一
定制(USF学位证)旧金山大学毕业证成绩单原版一比一定制(USF学位证)旧金山大学毕业证成绩单原版一比一
定制(USF学位证)旧金山大学毕业证成绩单原版一比一
 
Low rate Call girls in Delhi Justdial | 9953330565
Low rate Call girls in Delhi Justdial | 9953330565Low rate Call girls in Delhi Justdial | 9953330565
Low rate Call girls in Delhi Justdial | 9953330565
 
Beautiful Sapna Call Girls CP 9711199012 ☎ Call /Whatsapps
Beautiful Sapna Call Girls CP 9711199012 ☎ Call /WhatsappsBeautiful Sapna Call Girls CP 9711199012 ☎ Call /Whatsapps
Beautiful Sapna Call Girls CP 9711199012 ☎ Call /Whatsapps
 
如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查
如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查
如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查
 

Encryption Workshop: Configuring SSTP & OVPN on MikroTik Router

  • 1.
  • 2.
  • 3. Welcome to this Workshop! First, some basic concepts about encryption …..
  • 4. • As you know, to unlock or even lock anything like a door you need a key. • This applies to computer networks, too. • There are two encryption methods in computer networks.  Symmetric Encryption  Asymmetric Encryption
  • 5. One of the most common Asymmetric Encryption methods is using computer certificates. In this method, we need to provide a certificate from a well-known Certificate Authority (CA) and import it to our "Local Computer Personal Certificate Store”. After importing, we can use it to encrypt and sign our data. *Note: you should have your CA, public key certificate in your “Trusted Certificate Authority” list.
  • 6. How certificates work and help us to encrypt our data in “HTTPS-(SSL)” communications…
  • 7.
  • 8. Let`s go to implementing SSTP & OVPN on our MikroTik RouterBoard as a Server and Microsoft Windows as a Client ……
  • 9. Imagine that our Network Topology is:
  • 10. • First, basic configurations are set, including IP address, MikroTik identity (Name), admin password, …. • Then, as a first step of implementation, we should configure SNTP and MikroTik Clock, because validity time is very important in issuing and using a certificate. (See next slide)
  • 11. Configuring MikroTik Clock & SNTP Settings
  • 12. • Now as a second step, we need to create a CA Certificate and issue a certificate for our SSTP and OVPN Server and finally sign it with our CA Certificate. • After that we should export CA Public Key to import it to our client’s “Trusted Root Certification Authorities” List. (See next slides)
  • 13. Providing CA & Server Certificates
  • 16. Importing CA Public Key to Client Local Certificate Store (Trusted Root Certification Authorities List)
  • 17. • Now as a third step, we should create an IP Pool, a PPP Profile and PPP Secret which should be used with Server Certificate in Configurations after enabling SSTP and OVPN. • Finally, in Server Configurations, we should enable “ARP Proxy” on our MikroTik Router “Local Network” Interface. • It’s required to remotely access Local Network. (See next slides)
  • 18. Providing Same “IP Pool” for SSTP & OVPN Clients
  • 19. Creating “PPP Profile” for SSTP & OVPN Connections
  • 20. Creating “PPP Secret” for SSTP & OVPN Connections
  • 21. Enabling & Configuring SSTP Server
  • 22. Enabling & Configuring OVPN Server
  • 23. Enabling “ARP Proxy” on Local Interface
  • 24. • After all server configurations are completed, we should configure the client side. • To configure a Microsoft Windows operating system as a SSTP Client, a VPN connection should first be created and “VPN type” should be changed to “SSTP”. • To configure a Microsoft Windows operating system as an “OVPN Client”, some OVPN client applications such as “OPEN VPN GUI” should be installed and then provide a Config File that includes client configurations and finally use it to connect to your OVPN server. *Tip: (You can use Sample Configuration file that is located in "sample-config" folder and modify it according to your server configurations. (See next slides)
  • 25. Configuring SSTP Client on Microsoft Windows
  • 26. Connecting to the MikroTik SSTP Server
  • 27. Connecting to the MikroTik OVPN Server
  • 28.
  • 29. Thank You! Powered by: Pooria Taabbodi ptaabodi@hotmail.com