Build your own Cloud-Based VPN Server with MikroTik in minutes!

  Рет қаралды 25,699

The Network Berg

The Network Berg

Күн бұрын

Пікірлер
@netrionio1
@netrionio1 2 жыл бұрын
Things are simple: when I see my favourite network professional - teacher I hit like and subscribe! Thank you very much for your time and effort.
@nikolashuminosky6987
@nikolashuminosky6987 2 жыл бұрын
one thing is missing there sniffing the traffic and show us the MTU resoult, before the mangle rule. well done!!
@TheNetworkBerg
@TheNetworkBerg 2 жыл бұрын
IMPORTANT NOTE: If you are planning to use this as your primary VPN server please ensure that you are eligible for the AWS Free tier that gives you 100GB of bandwidth and 750hrs of instance time each month for a year. If you are going to be exceeding those bandwidth limitations please use the AWS pricing calculator (In advanced mode) to see what the potential charges could be if you are someone doing Terabytes of data. Link below: calculator.aws/#/addService/EC2 I highly suggest licensing your CHR if you want to get the best out of it, all details can be found here: wiki.mikrotik.com/wiki/Manual:CHR
@XZIBIT256
@XZIBIT256 2 жыл бұрын
Thanks!
@seantellsit1431
@seantellsit1431 2 жыл бұрын
Ty for the MSS clamping trick!
@Ljuuk
@Ljuuk Жыл бұрын
Informative ... I was hooked to the whole video !
@ahmadkakarr
@ahmadkakarr 2 жыл бұрын
Your every video of this new series brings happiness
@DaveFamalam
@DaveFamalam 2 жыл бұрын
This was a great tute, both for basic AWS instance controls and Mikrotik CHR - thanks man much appreciated!
@XZIBIT256
@XZIBIT256 2 жыл бұрын
Hello, You have done SUCH A GREAT JOB for this video. I really appreciate your effort and time to make this!
@TheNetworkBerg
@TheNetworkBerg 2 жыл бұрын
Thank you very much for your kindness and supporting the channel I appreciate it very much!
@Joshv918
@Joshv918 2 жыл бұрын
You are amazing man. Learn so much from you
@hiwaamiri
@hiwaamiri 9 ай бұрын
Thanks a lot for your awesome videos. In minute 26:40 you mentioned that you can do it with allowed addresses instead of NATing, how that would work if we have more than 1 nodes connected to the client router?
@Anavllama
@Anavllama 2 жыл бұрын
For whole subnets, worrying about local outgoing traffic, routes, table and routing rules makes sense. Mangling makes sense when you have a group of unconnected IPs (less than a subnet or some from a few subnets).
@CZghost
@CZghost 2 жыл бұрын
If AWS has a free tier, then that makes my Discord bot hosting desires to be viable (at least at the start) :D And nice tutorial, I guess I'll try it out with VMware. If it works, then I guess trying it out with AWS will be the next step.
@TheNetworkBerg
@TheNetworkBerg 2 жыл бұрын
Yeah AWS with a discord bot on Free Tier sounds like a solid idea.
@borgeshq
@borgeshq 11 ай бұрын
Very nice explanations. Could you please show how to use the IPv6 with Wireguard on AWS please?
@mpdroza
@mpdroza 2 жыл бұрын
great job and thanks for putting this wonderful job out!
@alimibrahem8120
@alimibrahem8120 Жыл бұрын
Hello Mr Berg...! very thanksful that's awesom..! so in your last rule that you created what if my wireguard is in windows machine for example is there is a way that i can do the same thing -(how can i change the MSS for it...?
@ezatalhamody9334
@ezatalhamody9334 2 жыл бұрын
Great demonstration. In my country some websites are blocked, would you please explain how to get access to those websites through the wireguard VPN tunnel. What I mean if I want to get access to those web sites I go through the VPN tunnel, while the other unblocked websites reach them through the normal routing. Thanks.
@gionag
@gionag 2 жыл бұрын
Please, can you elaborate more on the MSS clamping ? i always done that blindly, but i would like to know once and for all what that do. in my personal experience, i have never seen applied that clamping just to syn... wondering why... thanks :)
@joaoeduardo82
@joaoeduardo82 2 жыл бұрын
Oracle cloud has arm instance eternally free. much easier install wireguard on linux there.
@miankamran802
@miankamran802 11 күн бұрын
port forwarding is not working on CHR. I have deployed the same as you but port forwarding is not working. Can you please make videos of how to port forward on CHR on AWS?
@Anavllama
@Anavllama 2 жыл бұрын
During the live comments some chap recommended LightSail, but there is no way I can see to add MT OS to light sail. It only has linux or some derivative and Windows Servers for options ????
@kijokobojong
@kijokobojong Жыл бұрын
what if via cloudflare tunnel? Can I open Mikrotik via Winbox? If you open the proxy via web based there is no problem
@antoniomax3163
@antoniomax3163 2 жыл бұрын
can you tell us about Openvpn server? Or how to put containers on chr, and in ovpn containers?
@Anavllama
@Anavllama 2 жыл бұрын
What about docker-container SNORT for MT router video??
@TheNetworkBerg
@TheNetworkBerg 2 жыл бұрын
That is a very interesting idea, I will try to set this up in a lab sometime soon!
@Anavllama
@Anavllama 2 жыл бұрын
For Input rules on AWS, do they accept domain names (aka resolve them - thinking using iP cloud name )
@XZIBIT256
@XZIBIT256 Жыл бұрын
Quick question, I have been fiddling this for quick some time and I gotta ask you this. if we want to use our Mobile Wireguard app, is there any option in the settings of the app to give mobile hotspot ips of the subnet we are using to connect? For example i use my phone (road warrior) as a mobile hotspot. I want everyone who connects to my hotspot to be tunneled via wireguard. Is that possible?
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
Yes this is possible with various ways, easiest would be to just masquerade traffic from the hotspot range as the WG tunnel IP
@artpietahcreative9356
@artpietahcreative9356 Жыл бұрын
Is it possible to setup a radius server on chr and use it to authenticate hotspot users in other mikrotik routers?
@Haris013gr
@Haris013gr 2 жыл бұрын
I was wondering, is it possible to configure an CHR instance on cloud and use it as a VPN relay? for example if i have site A (internet behind cgnat) and Site B (internet behind cgnat) and i would like to create a site to site tunnel between A & B, could i use a cloud instance that is not behind cgnat in order to tunnel these 2 sites?
@EvgenyJK
@EvgenyJK Жыл бұрын
Anyone knows how to handle MTU issue on Keenetics? I have Mikrotik set up on AWS as in video and home Keenetics router as a winguard client, is there same setting? I found somewhere and set MTU=1300 on Keenetics - seems like works ok, but would like to use proper solution.
@elrinconurbano
@elrinconurbano 2 жыл бұрын
Hi NetworkBerg, Where can I get a L2 Cisco switch image for my eve-ng?
@TheNetworkBerg
@TheNetworkBerg 2 жыл бұрын
You would have to get the images from the vendor directly which means logging into the partner portal for Cisco, if you don't have partner portal access then you might have to ask a friend or colleague to help you out (Otherwise you will have to search on the net, but some sites hosting images can be linked to malware)
@elrinconurbano
@elrinconurbano 2 жыл бұрын
@@TheNetworkBerg thank you
@MangoTreeCB
@MangoTreeCB Жыл бұрын
Is there any another way to host Mikrotik on cloud or VPN server for free or cheap? Prefer cheap only. AWS is good but there need credit/debit card and auto renewal. So that's the catch I don't want to go there.
@Anavllama
@Anavllama 2 жыл бұрын
The hardest part of this is finding the applicable AWS selections that allow hosting CHR. Is it Amazon EC2, or Lightsail etc. None of which are obvious on the AWS selections page. Certainly doesnt come up via networking but through 'featured services' .
@antoniomax3163
@antoniomax3163 2 жыл бұрын
How did you activate the containers? To activate them, you need to hard-turn off or restart the virtual machine from the hoster. In most cases, this is not possible. I was able to do this on my computer, because after activating the command, I just turned off vmware. But the hoster for some reason does not know how. /system/device-mode/update container=yes
@TheNetworkBerg
@TheNetworkBerg 2 жыл бұрын
I didn't do anything with containers, Wireguard runs natively on Rosv7
@CT-Channel442
@CT-Channel442 18 күн бұрын
Hi is this can remote access my miktorik in anywhere?
@TheNetworkBerg
@TheNetworkBerg 14 күн бұрын
You could use this to create VPN tunnels to all your MikroTIks and access it from anywhere I suppose.
@leetasfuk
@leetasfuk 9 ай бұрын
Watch the video three times, Followed to a T, ,Still no traffic passing.
@obi-wan_cannotbe
@obi-wan_cannotbe 2 жыл бұрын
great tutorial! any chance not being lazy and explain marking and routing specific traffic over the tunnel?
@TheNetworkBerg
@TheNetworkBerg 2 жыл бұрын
Could definitely create a video specifically for marking and routing using a similar setup with Wireguard
@antoniomax3163
@antoniomax3163 2 жыл бұрын
Pls add video,how install sstp service. Full video
@wentzelstaffen180
@wentzelstaffen180 2 жыл бұрын
I found Contabo to be the cheapest hosting service, the latency sucks for South African users though @ 172ms to my server.
@Anavllama
@Anavllama 2 жыл бұрын
Need more clarity on 1500 issues on bottom end. ??
@dlupascu
@dlupascu 2 жыл бұрын
Thanks for the video, but 1. Shit - use wireguard\openvpn\etc. installing on EC2 instance (12Months of free tier AWS 750H/M of EC2 it's enough) 2. Licensing ROS CHR it's money + AWS fee for using it 3. Need to create separate SG from ALL to ALL to that cloud router + ROS FW or SG with rules + ROS FW what demonstrates the absurdity of idea It's useful when you do not want things like IGW from AWS... with more functionality and routing firstly but for me it's seems like 50/50. Maybe i'm wrong.
@mfaheem5694
@mfaheem5694 2 жыл бұрын
Nice
@GiovanniColella
@GiovanniColella Жыл бұрын
please make solution for mikrotik ovpn 2fa authentication 10000 point
@MyAeroMove
@MyAeroMove 2 жыл бұрын
AWS will punish you with bandwidth cost. So you'll be very limited with downloads. You might want to assess other CSPs for "free of charge home usage" VPN
@TheNetworkBerg
@TheNetworkBerg 2 жыл бұрын
Hmmmmm I've been trying to figure out exactly what AWS will charge on bandwidth, I know the free tier offers 750hrs of an instance for free (basically a month) and 100GB of bandwidth every month for a year. From the pricing it seems to indicate that they charge between 0,05c and 0,09c per GB to the internet. So depending on how heavily you use the internet these costs will shuffle a lot, if you don't see yourself exceeding 100GB every month over the next year then it's practically free. Though you may be a heavy user doing heavy downloads and trying to stream stuff in 4k which can easily run between 2 - 3 TB a month, in that case you can rack up quite a hefty bill of easily between $200 - $300 USD, I will add the price calculator with a suggestion in the pinned comment and in the video description as well. I'm also going to leave my own instance running over the next month and see what the charges actually look like.
@PaulDickson7
@PaulDickson7 Жыл бұрын
AWS Free Tier is a trap due to bandwidth costs. You might be safer with Linode
@defaultroute
@defaultroute 2 жыл бұрын
Well done for using AWS and not sullying your good name walking the M$ road. #netscape #novell
@TheNetworkBerg
@TheNetworkBerg 2 жыл бұрын
I won't lie I was a little tempted to demo this on Azure after AWS left a bit of a bitter taste in my mouth where they wanted to interview me for a position but no one showed up to the interview. But I don't hold grudges and the platform itself is great ;D!
@josejuanmalfavoniturralde6462
@josejuanmalfavoniturralde6462 Жыл бұрын
Hi great videos, i want to connect a wireguard vpn from one site with opublic ip to other site before cgnat, i want to use in the middle a chr vps to bypass the cgnat from starlink and connect susseful the wireguard but i cant do it can i contact you to help?
MikroTik CLI: A Basic Introduction to It for New Users
27:33
The Network Berg
Рет қаралды 14 М.
Dynamic Routing with Wireguard, Optimize your MikroTik network!
25:55
The Network Berg
Рет қаралды 21 М.
Мясо вегана? 🧐 @Whatthefshow
01:01
История одного вокалиста
Рет қаралды 7 МЛН
When you have a very capricious child 😂😘👍
00:16
Like Asiya
Рет қаралды 18 МЛН
WireGuard в Mikrotik
10:47
Mikrotik Training
Рет қаралды 51 М.
You want a real Name Server at home? // DNS
32:31
Christian Lempa
Рет қаралды 283 М.
Unveiling the Best VPN for MikroTik Routers
16:22
The Network Berg
Рет қаралды 38 М.
pfSense Configuration Guide - Zero to Hero!
1:26:20
Jim's Garage
Рет қаралды 22 М.
Take Control of Your Network: Install Uptime-Kuma on MikroTik
25:37
The Network Berg
Рет қаралды 16 М.
How to setup AWS Client VPN? Full step-by-Step-Demo
41:52
BeCloudGuru
Рет қаралды 24 М.
Мясо вегана? 🧐 @Whatthefshow
01:01
История одного вокалиста
Рет қаралды 7 МЛН