I am running version 6.2 on x86. I have a cable modem at home coming into my router, so I have a permanent connection.
I am testing this from INSIDE my network (On my LAN), connecting out to my public IP and back in.
I want to setup a VPN *server* on my MikroTik router that I can connect with OpenVPN client on my Windows laptop or Android devices.
The problems I'm seeing are:
1) When I set protocol to TCP in client config file, connection fails, but if protocol is UDP I connect, but completely and get error UDPv4 link local: [undef]:
Code: Select all
Sat Jan 04 16:39:05 2014 OpenVPN 2.3.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Aug 22 2013
Sat Jan 04 16:39:05 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sat Jan 04 16:39:05 2014 Need hold release from management interface, waiting...
Sat Jan 04 16:39:06 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sat Jan 04 16:39:06 2014 MANAGEMENT: CMD 'state on'
Sat Jan 04 16:39:06 2014 MANAGEMENT: CMD 'log all on'
Sat Jan 04 16:39:06 2014 MANAGEMENT: CMD 'hold off'
Sat Jan 04 16:39:06 2014 MANAGEMENT: CMD 'hold release'
Sat Jan 04 16:39:06 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sat Jan 04 16:39:12 2014 MANAGEMENT: CMD 'password [...]'
Sat Jan 04 16:39:12 2014 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Jan 04 16:39:12 2014 MANAGEMENT: >STATE:1388882352,RESOLVE,,,
Sat Jan 04 16:39:12 2014 UDPv4 link local: [undef]
Sat Jan 04 16:39:12 2014 UDPv4 link remote: [AF_INET]xx.xx.xx.xx:1194
Sat Jan 04 16:39:12 2014 MANAGEMENT: >STATE:1388882352,WAIT,,,
3) On Winbox if I go to Interface and try to add an interface there is no OVPN-Server, only OVPN-Server Binding. Actually everywhere I see "BINDING", is this the same as SERVER?
4) I'm not seeing anything in the MikroTik log file, the above log is from the client. It looks like I'm not getting an IP address, from the command line I see:
Code: Select all
[MikroTik] /interface ovpn-server server> print
enabled: yes
port: 1194
mode: ip
netmask: 29
mac-address: FE:F1:54:F1:3E:37
max-mtu: 1500
keepalive-timeout: disabled
default-profile: ovpn
certificate: cert1
require-client-certificate: no
auth: sha1,md5
cipher: blowfish128,aes128,aes192,aes256
Code: Select all
name="ovpn" local-address=10.0.100.1 remote-address=ovpn-pool remote-ipv6-prefix-pool=none use-ipv6=yes use-mpls=default use-compression=default
use-vj-compression=default use-encryption=default only-one=default change-tcp-mss=default address-list="" dns-server=8.8.8.8
Code: Select all
add name=ovpn-pool ranges=10.0.100.1-10.1.100.10
I love my Mikrotik router, but the documentation is inconsistent and doesn't say which version it is referring to which makes it frustrating.
Can anyone help? I was thinking there might be some issue the way I'm testing by looping out of my network and back in, but I'm not sure that explains all the problems.
I've been using RouterOS for less than a year, so be gentle Answers to ANY of my questions will be appreciated!