OpenVPN Client with certificates

Hello.
Well, I have in mind a configuration for access my two factory locations, each one has a RB750, but I don’t have any Static IP address to use any one as VPN Server.

So I have a VPS with debian 8 running OpenVPN Server, and it uses certificates for each client, and I use the ta.key, every client I connect is running fine, even iPhone, and some smartphones.

My question, how can I configure the OVPN Client in my RB’s so they can use the ta.key files to connect to servers?
and How I need to do all the configuration, because I tried to make the connections with and without the ta.key, but I cannot manage to establish contact with the server, at least the server don’t log any activity from the RB’s, is there any special route I need to add? or just the interface with all the parameters?

I hopen it is understandable.

Thanks in advance for the help.

OpenVPN in current RouterOS does not support tls-auth (ta.key) option. You can try to wait for RouterOS v7 (codename “Unicorn” ), which was promised to get long requested udp support, and hopefully it will also have all other goodies (although nothing was confirmed so far).

Thanks.
Sad thing that TLS is not supported yet.

Now. One thing, I tried to connect also without the ta.key, also not activity in my server log.

How do I need to config the client in one router to get to try the connection? in the router side, just have the not connected message, but I think the router is not making the proper routing to try to connect to server.

Can someone help me to configure the client side on RB? I check all the tutorials, but I don’t have any activity log from RB on server side.

Thanks.

If you see no connection attempts in server log at all, it’s time for standard question #1, does your server use tcp or udp? It it’s the latter (default for OpenVPN), then RouterOS does not support that either (yet).