Oct 18, 2019

OpenVPN MikroTik to IPFire net-to-net

Connect a MikroTik router as an OpenVPN client of an IPFire security appliance (OpenVPN connection).


1. Create a Net-to-Net connection

2. Use SHA1 and TCP (as MikroTik cannot use anything else), MTU 1400.

10.197.121.0 - peer-to-peer OpenVPN network (for example), 10.197.121.1 - IPFire, 10.197.121.2 - MikroTik.

3. Save the certificates as p12

4. Use openssl to extract the keys and certificates from the p12:

Extract certificates:
openssl pkcs12 -in Client1.p12 -nokeys -out certs.crt
Enter Import Password: - don't use any password

Then split the file certs.crt into two: ServerCA.crt and Client1.crt

Extract the key:
openssl pkcs12 -in Client1.p12 -nocerts -out Client1.key
Enter Import Password: - don't use any password
Enter PEM pass phrase: - enter and record a password; we will use it later during import
Verifying - Enter PEM pass phrase: - enter it again
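
One way to do the split of certs.crt from step 4 without a text editor, as an added example that is not part of the original post: the script reads the subject= and issuer= lines openssl writes above each certificate and treats the self-signed one as the CA. The function names and the sample bundle are constructed for illustration; it assumes the IPFire CA certificate is self-signed and that certs.crt holds exactly one CA and one client certificate.

```shell
# Added example: split certs.crt (from `openssl pkcs12 -nokeys`) into ServerCA.crt
# and Client1.crt. Assumption: the CA is self-signed (subject= equals issuer=)
# and the bundle holds exactly one CA and one client certificate.
split_certs() {
    bundle=$1; outdir=${2:-.}
    [ -r "$bundle" ] || { echo "cannot read $bundle" >&2; return 1; }
    rm -f "$outdir/ServerCA.crt" "$outdir/Client1.crt"
    awk -v dir="$outdir" '
        /^subject=/ { subj = substr($0, 9) }
        /^issuer=/  { iss  = substr($0, 8) }
        /^-----BEGIN CERTIFICATE-----/ { inside = 1; pem = "" }
        inside { pem = pem $0 "\n" }
        /^-----END CERTIFICATE-----/ {
            inside = 0
            if (subj == "" || iss == "") { bad = 1; exit }  # nothing to classify by
            kind = (subj == iss) ? "ServerCA" : "Client1"
            if (++seen[kind] > 1) { bad = 1; exit }          # unexpected extra cert
            out = dir "/" kind ".crt"
            printf "%s", pem > out; close(out)
            subj = ""; iss = ""
        }
        END { if (bad || seen["ServerCA"] != 1 || seen["Client1"] != 1) exit 1 }
    ' "$bundle" && return 0
    rm -f "$outdir/ServerCA.crt" "$outdir/Client1.crt"
    echo "$bundle: expected one self-signed CA and one client certificate" >&2
    return 1
}

# Constructed sample in the layout openssl emits; bodies are placeholders.
make_sample_bundle() {
    cat > "$1" <<'EOF'
Bag Attributes
    localKeyID: 01 02 03 04
subject=C = DE, O = example, CN = Client1
issuer=C = DE, O = example, CN = example CA
-----BEGIN CERTIFICATE-----
Q0xJRU5ULVBMQUNFSE9MREVS
-----END CERTIFICATE-----
Bag Attributes: <No Attributes>
subject=C = DE, O = example, CN = example CA
issuer=C = DE, O = example, CN = example CA
-----BEGIN CERTIFICATE-----
Q0EtUExBQ0VIT0xERVI=
-----END CERTIFICATE-----
EOF
}

# Usage: sh split_certs.sh certs.crt [output-dir]
if [ $# -gt 0 ]; then split_certs "$@"; fi
```

Afterwards, `openssl verify -CAfile ServerCA.crt Client1.crt` confirms that the client certificate chains to the extracted CA.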

5. Add a static route to the peer-to-peer network and the remote MikroTik networks.

6. Upload the key and certificates to the MikroTik filesystem.

7. Import the key and certificates into MikroTik from its filesystem. No new line is added when you import the key; the "T" just changes to "KT"!

8. Add a new OpenVPN client PPP profile, a new interface, and new static routes for the peer-to-peer and remote networks.

9. Enable the interfaces on both sides and check the status of the connection.