There are two official resources I found:
http://wiki.mikrotik.com/wiki/Manual:Interface/OVPN
http://wiki.mikrotik.com/wiki/OpenVPN#Unsupported
One says that standard setup (no username/pass) is unsupported, the other does not. System tells me I cant have empty username. I dont care for the username, it is not used, so I can fill whatever if the system desire it, there is no way it can use it to connect to my providers server. But all I see is “could not connect” message - thats a huge debug info, yeah, I couldnt dream of anything more hazy. Tried all three auth methods as my default config has no such option set from my provider.
/interface ovpn-client
add auth=md5 certificate=cert.crt_0 cipher=aes256 connect-to=
X.X.X.X disabled=yes mac-address=02:B9:62:FA:8C:14 name=ovpn-out1
password=password user=username
So, how is that now? I remember like 3-5 years ago, this forum was “full” of messages that openvpn implementation in ROS has to get much better and Mikrotik seemed to try to dodge it, but nevertheless it was requested and I assume that a company caring for its customers spent some time to fix that in such a loooong timeline. Yeah, there are zounds of serious bugs in w2k8r2 server reported and admitted in 2010 not fixed until today, but microsoft is the comapany that ignores its customers as it doesnt have to care. I hope I am just missing something now and all the long time ago requested fixes are up…
I can live with laggy tcp encapsulation, I can live with hazy log messages, but I need to use it. Or replace the system on my RB with something that is more finished.