Hello,
I’m trying to use OpenVPN config file, which worked just fine when used in pc app, but I dont know why I’m getting
ovpn-out1: terminating… - TLS failed
in logs
dev tun
persist-tun
persist-key
cipher AES-128-CBC
ncp-ciphers AES-128-GCM
auth SHA256
tls-client
client
resolv-retry infinite
remote XXX.XX.XXX.XXX 1194 udp
verify-x509-name “THE_NAME” name
auth-user-pass
remote-cert-tls server
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
key-direction 1
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
...
-----END OpenVPN Static key V1-----
I Imported ovpn file as certificates, and i got Trusted certificate, and Trusted Key,
But I think the problem is in
2048 bit OpenVPN static key
becase I didn’t use it in any way.
Can I get any advice?
I red earlier that TLS doesn’t work on RouterOS, but that can refer to different case.
I’m on RouterOS 7.2.3
Sob
June 7, 2022, 12:03am
2
Unfortunately for you, even latest RouterOS doesn’t support tls-auth.
OK, Thank You For your answer.
Have a nice day : - )
Edit:
Do we know, when tls-auth support can be expected?
rndm
November 29, 2022, 10:43am
4
Any updates on this from Mikrotik team?
mcwnuq
November 13, 2023, 5:21pm
5
It is implemented in 7.12 and it works, thank you MikroTik team!
@mcwnuq would you mind sharing some example client config file with tls-auth which is working with Mikrotik? I am trying multiple times modifying client config file which I am using for Windows computers, it is imported, but when I try to connect, I see in OpenVPN server logs:
TLS Error: incoming packet authentication failed from [AF_INET]
На стороне сервера printun
1 логинемся в могну
mongo pritunl
2 узнаем название сверверов - тот который меняем (mikrotik)
db.servers.find({})
3 меняем настройки
db.servers.update({"name" : "router"}, {$set: { "tls_auth" : false}})
db.servers.update({"name" : "router"}, {$set: { "lzo_compression" : "adaptive"}})