I have an Linux OpenVPN server, also i have my RB750 with client certificate and private key imported.
When I try to connect RB750 to Linux OpenVPN server this message appear in server logs:
Thu Oct 24 11:48:38 2013 us=177236 87.249.250.221:60958 TLS: Initial packet from {client ip and port}, sid=054616eb 1c1735a8
Thu Oct 24 11:48:38 2013 us=177260 87.249.250.221:60958 TLS Error: cannot locate HMAC in incoming packet from {client ip and port}
Thu Oct 24 11:48:38 2013 us=177288 87.249.250.221:60958 Fatal TLS error (check_tls_errors_co), restarting
Thu Oct 24 11:48:38 2013 us=177307 87.249.250.221:60958 SIGUSR1[soft,tls-error] received, client-instance restarting
My OpenVPN server config:
dev tun0
mode server
local {server ip}
port 2000
proto tcp-server
server {server OpenVPN net}
client-config-dir ccd
max-routes 1000
#route for clients
#duplicate-cn
#route into server localnet
push "route {server localnet}"
#route into some network
dh /usr/local/etc/openvpn/keys/dh1024.pem
ca /usr/local/etc/openvpn/keys/ca.crt
cert /usr/local/etc/openvpn/keys/Server.crt
key /usr/local/etc/openvpn/keys/Server.key
tls-auth /usr/local/etc/openvpn/keys/ta.key 0
hand-window 260
tls-timeout 240
auth MD5
cipher BF-CBC
keepalive 15 900
comp-lzo
# tun-mtu 1500
# mssfix 1450
persist-key
persist-tun
reneg-sec 43200
#user nobody
#group nobody
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
verb 4
I have no idea how to import ta.key in RB750 for TLS-auth.
I tried to do it in a standard way through the certificates meny, but no luck.
Any suggestions?
Can I use a TLS-auth with Mikrotik?
Thanks, and sorry for my english.