I am trying to get an OpenVPN client to function on Mikrotik but it doesn’t want to work. I configured the same thing on a windows client and it works fine. Yes I am using TCP.
They provide certificates and username/password. I imported the cert’s, manually configured the OVPN Client and it will connect for about a minute, then reconnects. During the minute connected I am unable to ping through the VPN. It seems to be a decent service for anonymity if anyone has any suggestions let me know.
Do they use compression? Mikrotik’s implementation of OpenVPN doesn’t support compression, UDP and (if i am not mistaken) receiving routes from the server.
Compression is disabled, they have the option for both tcp and udp… I am using TCP. The routes seem to be getting created and they say reachable. Any way to crank the logging up so I can see more? I added ovpn to logging but it only shows me the handshake then shows connected for about a minute then loops.
I’m starting to think you are right about the route not getting created correctly. How would i go about manually creating the routes without having access to the other side?
I did quick test, it connects, there’s default route, outgoing traffic goes via tunnel, but I have zero incoming traffic. Can’t even ping the gateway.
It works with desktop client (as expected). There’s some interesting info in log:
Wed Jun 20 16:14:20 2018 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Oops, LZO + RouterOS = no way. But further in the log it says “comp-lzo no”:
Wed Jun 20 16:14:21 2018 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,comp-lzo no,comp-noadapt,route 10.13.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.13.0.98 10.13.0.97,peer-id 0,cipher AES-256-GCM'
I’m no OpenVPN expert, but I’d guess it works without LZO in the end. But since it’s in push reply, maybe the client had to ask for it first. And that’s a question if RouterOS does that, it’s debug output for OpenVPN is completely cryptic, it’s not possible to find anything useful there.
The other side already knows how to reach you. At least, it should. If you have to create the route, by hand, it would be local.
If anyone has managed to get this to work let me know. For right now I’m using their PPTP option. I know PPTP is insecure but at this point it is better than nothing for free.
Hi, I am using a Mikrotik router so as to connect to my remote network through OpenVpn UDP protocol, I used RouterOS 7 beta, it connects but there is no route to Internet, can someone check my configs to see if there is any problem ?
I can’t use TCP protocol, so do you think isntalling OpenWRT on the router could be a better solution ?
