Comment on page

MikroTik

This guide will show you how to connect your MikroTik device to the GoodAccess Gateway via a site-to-site connection using the IPsec protocol.

Connecting MikroTik with IKEv2
Does not require on-premise public static IP
IKEv2 configuration allows you to use MikroTik as the main router (which is connected to internet) or place it locally in your LAN behind the main router
Step 1 - Creating a new branch connection
​Log in to the GoodAccess Control Panel, and go to Clouds & Branches.​
Click + Add new, enter the Branch name and subnet, and select Gateway.
Choose IKEv2 Protocol, and click Save.
Click the Edit button of your Branch, and navigate to the Configuration Guide.
Save your Credentials and Download setup files.
You may return to the configuration via the Edit button of your Branch at any time.
Step 2 - Uploading the script and setup files
Download a script for MikroTik:
​RouterOS v6 (6.46 and newer)​
​RouterOS v7​
Log in to your MikroTik device, and go to Files.
Upload the script and setup files from Step 1 (extract the files first).
Uploading the script and setup files
Step 3 - Setting up a site-to-site connection
Go to Terminal and run the following script:
/import ga-setup-branch.rsc
Enter the credentials from GoodAccess (Step 1):
VPN username
VPN password
Gateway address
Gateway subnet
What is your local network - Cloud/Branch subnet
What is CA certificate name - Name of the CA Certificate file stored in your MikroTik files 
Setting up the site-to-site connection
Connection is established when the message "Script file loaded and executed successfully" appears.
You have now successfully connected your device to GoodAccess.
You may check the status of the connection in:
GoodAccess - Control Panel > Clouds & Branches > Edit button > Test connection
MikroTik - IP > IPSec > Policies and Active Peers

FortiGate

Other supported routers and firewalls

Last modified 2mo ago