Hi,
I have UDP OpenVPN server behind Mikrotik and on mikrotik DNAT is set up as follows:
chain=dstnat action=dst-nat to-addresses=192.168.1.10 to-ports=1194
protocol=udp in-interface=ether1 dst-port=1194
Client connects, can work over the connection… but only for 30 seconds. After that it is cut off completely. I tracked this down to problematic conntrack entry in routeros that continues its 30sec countdown despite there is active communication in both directions. The firewall is not configured yet at all, so I don’t know of other reason why packets are dropped.
What to do to fix that? Routeros version (from /system package print) is 3.14 .