Guys,
I’m having a hell of a time trying to get this to work.
I have an OpenVPN AS server up and running. I am able to connect to it with the OpenVPN client without issue on a Windows PC.
I have exported the user certificates using this guide http://docs.openvpn.net/administration-guide/cli-command-line-interface/extracting-separate-certificate-files-for-a-user/
and uploaded/imported them to our Mikrotik.
I have configured the ovpn-client interface as:
Flags: X - disabled, R - running
 0   name="ovpn-out1" mac-address=02:20:24:D4:0C:8C max-mtu=1500
     connect-to=xx.xx.xx.xx.xx port=443 mode=ip user="test" password="test"
     profile=default certificate=cert2 auth=sha1 cipher=blowfish128
     add-default-route=no
In the logs I just see it dialing, terminating, then disconnecting, over and over.
Any help to get this working would be greatly appreciated.
Thank you
Bump.
Sorry guys, I have nowhere else to turn.
Thanks
The server logs should provide more detail as to why this is happening. Keep in mind that Mikrotik, inexplicably, still does not support OpenVPN over UDP; you have to use TCP.
Thanks. Same thing happens with TCP though. When you say logs, are you speaking of /logs? Because this doesn’t tell me anything, only that it’s disconnecting/terminating.
You have the OpenVPN server and client and both have logs. It sounds like you’re only looking at the Mikrotik logs; do you have access to the server logs?
Yes I do, sorry. The logs don’t even show the Mikrotik hitting the server.
I would have to assume that the server is configured to use UDP, which Mikrotik does not support. You need to change it to TCP on the server side to even have a chance.
Same problem.
Using OpenVPN AS 1.8.5, disabled UDP, other non-Mikrotik clients work, but Mikrotik: dialing & terminating.
Hi all,
I suspect this is due to the Mikrotik not supporting TLS AUTH. I get these errors on my OpenVPN server side:
2013-10-16 18:50:02+0000 [-] OVPN 0 OUT: 'Wed Oct 16 18:50:02 2013 196.209.220.252:46314 TLS: Initial packet from XXX.XXX.XXX.XXX:46314, sid=d7f8699d bdbac78b'
2013-10-16 18:50:02+0000 [-] OVPN 0 OUT: 'Wed Oct 16 18:50:02 2013 196.209.220.252:46314 TLS Error: cannot locate HMAC in incoming packet from 196.209.220.252:46314'
2013-10-16 18:50:02+0000 [-] OVPN 0 OUT: 'Wed Oct 16 18:50:02 2013 196.209.220.252:46314 Fatal TLS error (check_tls_errors_co), restarting'
2013-10-16 18:50:02+0000 [-] OVPN 0 OUT: 'Wed Oct 16 18:50:02 2013 196.209.220.252:46314 SIGUSR1[soft,tls-error] received, client-instance restarting'
2013-10-16 18:50:12+0000 [-] OVPN 0 OUT: 'Wed Oct 16 18:50:12 2013 TCP connection established with XXX.XXX.XXX.XXX:46315'
Upon investigation I found that Access Server uses TLS AUTH and Mikrotik does not support it.
+1 for Full OpenVPN Support: UDP, COMP-LZO and TLS AUTH
Has anyone found a solution to this problem? I have the same issue.
OpenVPN server is set to UDP and still can’t connect.
Is there any way to disable TLS AUTH on the server if that is the issue?
Only viable solution I have come across is to use http://www.ubnt.com/edgemax#edge-router-lite
They support full OpenVPN.
+1 for Full OpenVPN Support
On the OpenVPN server config file, you should have a line there for disabling TLS. Also, don’t use compression and use TCP for connection.
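The server-side check discussed in this thread, as an added example that is not part of any post: a small Python triage of Access Server log lines that separates the two failure modes reported above, a client that never reaches the server and a client rejected for a missing tls-auth HMAC. The sample lines are constructed in the shape of the log excerpt quoted in the thread, the addresses are documentation-range placeholders, and the names `triage`, `EVENTS` and `SAMPLE_LOG` are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the Access Server log shape quoted in the thread.
# Addresses are documentation-range placeholders, not values from the posts.
SAMPLE_LOG = """\
2013-10-16 18:50:02+0000 [-] OVPN 0 OUT: 'Wed Oct 16 18:50:02 2013 203.0.113.7:46314 TLS: Initial packet from 203.0.113.7:46314, sid=01234567 89abcdef'
2013-10-16 18:50:02+0000 [-] OVPN 0 OUT: 'Wed Oct 16 18:50:02 2013 203.0.113.7:46314 TLS Error: cannot locate HMAC in incoming packet from 203.0.113.7:46314'
2013-10-16 18:50:02+0000 [-] OVPN 0 OUT: 'Wed Oct 16 18:50:02 2013 203.0.113.7:46314 Fatal TLS error (check_tls_errors_co), restarting'
2013-10-16 18:50:12+0000 [-] OVPN 0 OUT: 'Wed Oct 16 18:50:12 2013 TCP connection established with 203.0.113.7:46315'
2013-10-16 18:51:40+0000 [-] OVPN 0 OUT: 'Wed Oct 16 18:51:40 2013 198.51.100.20:51000 TLS: Initial packet from 198.51.100.20:51000, sid=0a0b0c0d 0e0f1011'
"""

PEER = r"(\d{1,3}(?:\.\d{1,3}){3}):\d+"
# Event name -> pattern; group 1 is always the peer address.
EVENTS = {
    "tcp_connect": re.compile(r"TCP connection established with " + PEER),
    "tls_start": re.compile(r"TLS: Initial packet from " + PEER),
    "hmac_missing": re.compile(r"cannot locate HMAC in incoming packet from " + PEER),
}

def triage(log_text, expected_peer=None):
    """Return {peer: (verdict, Counter of events)} for an OpenVPN server log."""
    seen = {}
    for line in log_text.splitlines():
        for name, pattern in EVENTS.items():
            m = pattern.search(line)
            if m:
                seen.setdefault(m.group(1), Counter())[name] += 1
    report = {}
    for peer, ev in seen.items():
        if ev["hmac_missing"]:
            verdict = "tls-auth mismatch: server requires HMAC, client sent none"
        elif ev["tls_start"]:
            verdict = "TLS handshake started, no tls-auth error logged"
        else:
            verdict = "TCP connect only, no TLS packet seen"
        report[peer] = (verdict, ev)
    # A client missing from the server log never reached the daemon at all
    # (wrong transport or port, or filtered), as one poster reported.
    if expected_peer and expected_peer not in report:
        report[expected_peer] = ("no contact: check protocol (TCP vs UDP) and port", Counter())
    return report

if __name__ == "__main__":
    for peer, (verdict, ev) in triage(SAMPLE_LOG, "192.0.2.55").items():
        print(peer, verdict, dict(ev))
```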