证书制作
注/certificate add name=ca-template-sstp common-name=sstp-dt-ros.com days-valid=3650 key-size=2048 key-usage=crl-sign,key-cert-sign/certificate add name=server-template-sstp common-name=*.sstp-dt-ros.com days-valid=3650 key-size=2048 key-usage=digital-signature,key-encipherment,tls-server/certificate add name=client-template-sstp common-name=client.sstp-dt-ros.com days-valid=3650 key-size=2048 key-usage=tls-client /certificate sign ca-template-sstp name=ca-certificate-sstp/certificate sign server-template-sstp name=server-certificate-sstp ca=ca-certificate-sstp/certificate sign client-template-sstp name=client-certificate-sstp ca=ca-certificate-sstp /certificate export-certificate ca-certificate-sstp export-passphrase=""/certificate export-certificate client-certificate-sstp export-passphrase=12345678/ip pool add name=“sstp-pool” ranges=10.253.252.1-10.253.252.254 /ppp profile add name=“sstp-profile” use-encryption=yes local-address=10.0.0.1 dns-server=139.99.18.82,139.99.115.58 remote-address=sstp-pool/ppp secret add name=lookback password=lookback123 profile=sstp-profile service=sstp /interface sstp-server server set enabled=yes default-profile=sstp-profile authentication=mschap2 certificate=server-certificate-sstp force-aes=yes pfs=yes/ip firewall filter add chain=input protocol=tcp dst-port=443 action=accept place-before=0 comment=“Allow SSTP”
2021-07-14
最新推荐文章于 2023-03-02 15:03:08 发布