Am looking to set this up properly (add ike2 vpn server) since having some time on my hands and need to create some self signed certs.
I know how to do most of this cert stuff but when signing my created certificate authority cert the mikrotik wiki mentions specifying a ca-crl-host? It mentions using the IP address of the server, is that the same as my public IP address and what if this is dynamic, can I specify a DDNS url for this?
https://wiki.mikrotik.com/wiki/Manual:Create_Certificates
Does this also mean I have to have port 80 / IP Services 'www' enabled for the crl to be reachable?
Any help much appreciated...
Newer guide to setting up ike2 found on the web so thought I'd see if I could get it working in the hope we'd one day be working remotely again...
https://mum.mikrotik.com/presentations/MY19/presentation_7008_1560543676.pdf
I know how to do most of this cert stuff but when signing my created certificate authority cert the mikrotik wiki mentions specifying a ca-crl-host? It mentions using the IP address of the server, is that the same as my public IP address and what if this is dynamic, can I specify a DDNS url for this?
https://wiki.mikrotik.com/wiki/Manual:Create_Certificates
Does this also mean I have to have port 80 / IP Services 'www' enabled for the crl to be reachable?
Any help much appreciated...
Newer guide to setting up ike2 found on the web so thought I'd see if I could get it working in the hope we'd one day be working remotely again...
https://mum.mikrotik.com/presentations/MY19/presentation_7008_1560543676.pdf