Hello Guys,
First Hi to the community, i am new to the Forum :>
I dont know if this helps but i have some basic expirience with MT I am certified MTCNA/MTCRE
My Problem is that i am trying to setup my MT as OpenVPN Server for my Home-network and i run into this issue:
Mon Oct 30 11:06:36 2017 VERIFY EKU OK
Mon Oct 30 11:06:36 2017 VERIFY OK: depth=0, CN=*.xxxxx
Mon Oct 30 11:06:36 2017 Connection reset, restarting [0]
Mon Oct 30 11:06:36 2017 SIGUSR1[soft,connection-reset] received, process restarting
Mon Oct 30 11:06:36 2017 Restart pause, 20 second(s)
Mon Oct 30 11:06:56 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]xxxxxx:1194
Mon Oct 30 11:06:56 2017 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Oct 30 11:06:56 2017 Attempting to establish TCP connection with [AF_INET]xxxxxxx:1194 [nonblock]
Mon Oct 30 11:06:57 2017 TCP connection established with [AF_INET]xxxxxx:1194
Mon Oct 30 11:06:57 2017 TCP_CLIENT link local: (not bound)
Mon Oct 30 11:06:57 2017 TCP_CLIENT link remote: [AF_INETxxxxxx:1194
Mon Oct 30 11:06:57 2017 TLS: Initial packet from [AF_INET]xxxxxx:1194, sid=0a2177f9 5372894d
Mon Oct 30 11:06:59 2017 VERIFY OK: depth=1, CN=xxxxx
Mon Oct 30 11:06:59 2017 VERIFY KU OK
Mon Oct 30 11:06:59 2017 Validating certificate extended key usage
Mon Oct 30 11:06:59 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
What have i done so far GUIDE:
https://www.medo64.com/2016/12/simple-openvpn-server-on-mikrotik/
One thing i am not sure about is that the CA generated by MT seems a bit weired in what terms i mean is that when you check my CA it starts with
-----BEGIN CERTIFICATE----- (Longkey) -----END CERTIFICATE----------BEGIN CERTIFICATE----- (sameKey) -----END CERTIFICATE----------BEGIN CERTIFICATE----- (sameKey) -----END CERTIFICATE-----
I dont know why this thing is doing that(duplicating the start and ends, but it looks like an error to me i also exported the cert a second time to be sure no export errors occured but the same behaviour is present.
My config:
client
dev tun
proto tcp
remote xxxxxxxx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key clientkey.key
remote-cert-tls server
cipher AES-128-CBC
auth SHA1
auth-user-pass
redirect-gateway def1
verb 3
I really checked tons of guides on google but none of their solutions worked for me I hope you know whats going on couz i dont ;/
RouterOS Version was 6.40 i did a downgrade to 6.39(bugfix) didn’t solved the issue.
Best
Anme