openvpn .key file from linux to mikrotik

ngaleyev · January 8, 2008, 8:51pm

hi

we are using openvpn to connect lot of nodes to central linux server.
server has individual config for each place that looks like this:

#
dev tun37
float
remote 24.x.x.x
ifconfig 172.16.100.1 172.16.100.x
up ./node-a.up
secret central.key
rport 15038
lport 5037
verb 3

on each node there is .key file that looks lke this:

  #
     # 2048 bit OpenVPN static key
     #
     -----BEGIN OpenVPN Static key V1-----
     6da0c123f2baa35116c5e34be448faf6
     blahblahblah
     7e91887571055f7f15b622a3c444d1c8
     -----END OpenVPN Static key V1-----

I’m trying to add a mikrotik 3.0 as additional client
so, i copied using ftp central.key to mikrotik board
but have nowhere to use that file. Manual suggests i have to import this file, but every time i try to do that it asks for a passphrase which i dont know if even exists. Besides, i dont have to import it on linux.
If i try random passphrase it gives following output:

[admin@Wisp-Router.com] /certificate> import file-name=central.key
passphrase: ****
     certificates-imported: 0
     private-keys-imported: 0
            files-imported: 0
       decryption-failures: 0
  keys-with-no-certificate: 0

it doesnt even give me a failure.

Does anyone know what to do here?

Thanks

ngaleyev · January 10, 2008, 10:43pm

Lemme rephrase the question: Has anyone succeeded in getting openvpn work with pre-shared keys?
Thanks

raymonvdm · March 19, 2008, 9:12pm

I`m trying the same thing. @work if have an OpenVPN server. On my ubuntu notebook ik have an OpenVPN tunnel to the work.

Now im trying to import the .key file using the sharedsecret. This is succesful but when i select the certificate on the connection winbox gives me the following error Couldnt change interface - no certificate found (6)

But i do have an certificate (ca.key and client.key) imported succesfully

So stil no succes. The L2TP tunnel doesnt work sinds upgrading to V3.5

mrz · March 20, 2008, 7:19am

Upload ca.crt, ca.key client.crt client.key to router. Import all of them. And now you can select client certificate in ovpn client configuration. It works for me.

thavinci · April 22, 2008, 4:21pm

Thank You for this.

However i have a question…

My Unix machine is the Main server and im also trying to get MT working as client.

Here is the problem…

on Dial-out screen i enter all details including certificate.
However when i hit Apply i get " wrong user name (6)"
Now this is cause i didn’t enter a user name & password.

Very very confusing because i don’t use user names and passwords. So why wont it accept without user name?

Help?!

jhgorse · April 3, 2014, 2:26pm

Does Router OS 5.20 support the minimal static key OpenVPN?

That is to say, without certificates–just a static key.

Cheers,
Joe

deivisonmoraes · July 22, 2014, 5:41pm

Hi Joe,

I’m using version 6.17 but still can not import the static key, how to do?

tks

's