Setup OpenVPN Connect Client in Android

In this article, we will show you how to connect your Android phone to your OpenVPN Server. We have already set up an OpenVPN server in this article.

IMPORTANT: The date on the router must be within the range of the installed certificates valid period. To prevent certificate verification issues, enable NTP synchronization on both the server and the client.

The process is similar to the Windows client. We only need to embed our certificates, keys and credentials in our .ovpn file.

First, download the OpenVPN Connect Client, officially maintained by OpenVPN, from Google Play.
OpenVPN from Google Play

After you download the client,  you need to prepare an .ovpn file, that contains:

- the CA certificate (.crt)
- the Client certificate (.crt)
- the Client certificate key (.key)
- the server configuration
- the credentials for the secret

Log in to your Mikrotik CHR and then go to System>Certificates. We'll export the Client certificate first by right-clicking it and select Export.
Certificate window

 

Enter a passphrase of your choice and click on "Export". You will get a key file with your Client certificate. 
Exporting the Client certificate with passphrase

RouterOS Command:

[admin@MikroTik] >  /certificate export-certificate CLIENT1 export-passphrase=12345678

 

Then export the CA certificate without a passphrase.
Then export the CA certificate without a passphrase.

RouterOS Command:

 [admin@MikroTik] >  /certificate export-certificate LMTCA export-passphrase=""

 

Click on Files. You will see the exported certificates and keys in the root directory. Download them by dragging them to a folder.
Downloading the certificates

This time, we will embed the certificates and secret in the .ovpn file. In a text editor paste this example configuration, change the values according to your OpenVPN Server configuration and paste the certificate contents, key contents and credentials. Then save it.

Example .OVPN configuration file:

client
dev tun
proto tcp-client
remote IP address of your Mikrotik CHR
port 1194
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
verb 4
mute 10
cipher AES-256-CBC
data-ciphers AES-256-CBC
auth SHA1
auth-nocache
;redirect-gateway def1 #remove semicolon for full redirect
<ca>
-----BEGIN CERTIFICATE-----
Contents of the CA certificate
-----END CERTIFICATE-----
 </ca>
<cert>
-----BEGIN CERTIFICATE-----
Contents of the SERVER certificate
-----END CERTIFICATE-----
 </cert>
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
Contents of the private key
-----END ENCRYPTED PRIVATE KEY-----
 </key>
<auth-user-pass>
Username
Password
</auth-user-pass>

Open the OpenVPN Connect app. You will be presented with options to import your .ovpn profile. Tap on File and then on Browse. Some versions will let you browse the file directly from the app.
Android OpenVPN File Select

Android OpenVPN in-app browser

Then tap on OK to import the profile from the file.
OpenVPN Connect Import dialog

After that, name the profile as you like and if you want, check the Save Private Key Password and enter the password. Tap on Add.
OpenVPN Connect Android Configuration

To test your connection, tap on the switch next to your profile, if it asks about adding a VPN connection to your phone, accept it.
The imported OpenVPN Configuration

And that’s it. You can now connect to the internet via your MikroTik Device using OpenVPN.
Successful OpenVPN Connection

Please take a look at our powerful Mikrotik Cloud Hosted routers and choose your hosting solution.
You can decide to make your own VPN or rent a good and cheap dedicated server. 
We have a tremendous and reliable Webhosting service. 

If this is hard for you, you can take a look at our fast and secure OpenVPN Hosting plans. Easier and quicker to set up, more secure and it's ready in 5 minutes. 

MikroTik VPS: Because your business deserves the best!

Get Started!
icon knowledge

Related Articles

Set up L2TP over IPSec / PPTP VPN client on Windows 10 (+ video)

In this article, we will show you how to set up your VPN client in Windows with PPTP/L2TP over...

Mikrotik CHR: How to fix VPN error in Windows (+ video)

In this article, we will show you how to fix - "A connection to the remote computer could not be...

Connecting your computers to WireGuard VPN hosted in MikroTik

In our previous tutorial we showed how to set up a WireGuard server in our MikroTik CHR.If you...

BGOcloud WireGuard VPN Service: Quickstart guide

The BGOcloud VPN is a new VPN service that is easy to connect to with just one click or a tap....