Hello,
Please help me to configure my OpneVPN connection to OpenVPN Server.
I have generated from server my certs:
ca.crt
my.crt
my.key
I have found some instructions how to configure ovpn client, but most of them have user name and passwords.
My authorization is based on certificates.
Please help me how to connect from my Mikrotik Router to ovpn server (linux based).
MikroTikFan
Try this: Configure OpenVPN client
Thanks, this is very important, especially user=CN
Now go to PPP/Profiles and create a new profile named openvpn-client. Set as follows…
Use IPv6: no
Use MPLS: no
Use Compression: no
Use VJ Compression: no
Use Encryption: yes
All other fields can be left empty or at their defaults.
Now go to PPP/Interface and add a new OVPN Client. Set as follows…
Connect to:
Port: 1194
Mode: ip
User:
Profile: openvpn-client
Certificate:
Auth:
Cipher:
but after this I have still problem in NAT rule:
Chain:srcnat
Out.Interface:ovpnclient
Action:masquerade
RED: ovpn-client not ready ;-(
IP->Routes
BLUE: ovpn-client unreachable
Please help me to find connection problem.
I have checked informations from OpenVPN server logs.
Unfortunately in OpenVPN server logs I don’t see any connections tyres from my client.
On the other hand from OpenVPN Client side I see that each connection is ended - disconnected
Please look at my log (attachment) and help me why Mikrotik is not going to establish connection to OpenVPN Server ?
I think that I just found reason in post
http://forum.mikrotik.com/t/feature-request-openvpn-compression-lzo-and-udp/70641/1
about problems to use UDP with OpenVPN (1194)
Is there any way to connect as OpenVPN client to UDP 1194 port ?
Default protocol for OpenVPN is 1194 (UDP) and this is not working ?
I think you missed the point that unless and until MikroTik implements it, a MikroTik router (as OpenVPN server) accepts only tcp protocol for openVPN connection.
As above. The line below is included in the OpenVPN script on client machine for this reason.
proto tcp-client
proto tcp-client
but I need UDP, so how can I run ovpn client with udp-proto?
Nah, you won’t be able to do it. Not at least without what seems like a significant performance hit.
In your linked thread, one post tells you that you can use the “Metarouter” feature to enable OpenVPN with UDP, but be aware that the router’s performance will be noticeably less.
I’m not sure I understand the technical reasons why it is this way, but it is…
Solution based on MetaRouter (OpenWRT) is not efficient and quite complicated.
I’m owner of Mikrotik router and Mikrotik OS not OpenWRT.
I just expect from Mikrotik to support market standards solutions like OpenVPN UDP and TCP.
I need to connect to OpenVPN 1194 (UDP) which is a standard solution and really I don’t know how I can I do this using Mikrotik OS.
Frequent Visitor > explained
I think you missed the point that unless and until MikroTik implements it, a MikroTik router (as OpenVPN server) accepts only tcp protocol for openVPN connection.
that Mikrotik implements this, so I understand that using
but other case is if I use
2)Mikrotik as OpenVPN client which is immplemented.
My problem is 2) so how can I run OpenVPN Client on UDP port ?
You can’t. UDP mode is currently unsupported.
UDP mode is currently unsupported in both openvpn roles client (server other router) and server on Mikrotik ;-(
Why this is so popular in other routers and UDP port is simply faster !