OpenVPN Issues

brandon1767 · October 8, 2017, 5:46pm

Hey Everyone,

I am new to RouterOS and am having some issues getting OpenVPN setup for my remote network monitor. I am using the built-in OpenVPN server on RouterOS. When I connect on my local network everything works great, but when I try to connect remotely (through the internet) I am unable to reach the server.

Here is my OVPN config: https://i.imgur.com/61eXsHy.png
Here is my VPN Profile: https://i.imgur.com/qDXF3KM.png

bridge1 = LAN
ether5 = WAN
I am not using an ip pool for the vpn as I am only having one device connect.

Here are my Firewall Rules:

0 D ;;; special dummy rule to show fasttrack counters
chain=forward action=passthrough

1 ;;; Accept Established / Related Input
chain=input action=accept connection-state=established,related log=no log-prefix=“”

2 ;;; OpenVPN
chain=input action=accept protocol=tcp dst-port=1194 log=no log-prefix=“”

3 ;;; WinBOX Access
chain=input action=accept protocol=tcp src-address=192.168.1.0/24 dst-address=192.168.1.1 in-interface=bridge1 dst-port=8291 log=no log-prefix=“”

4 ;;; DNS Server
chain=input action=accept protocol=udp src-address=192.168.1.0/24 dst-address=192.168.1.1 in-interface=bridge1 dst-port=53 log=no log-prefix=“”

5 ;;; WEB GUI ACCESS
chain=input action=accept protocol=tcp src-address=192.168.1.0/24 dst-address=192.168.1.1 in-interface=bridge1 dst-port=80 log=no log-prefix=“”

6 ;;; WEB GUI ACCESS
chain=input action=accept protocol=udp src-address=192.168.1.0/24 dst-address=192.168.1.1 in-interface=bridge1 dst-port=80 log=no log-prefix=“”

7 ;;; Allow Management Input
chain=input action=accept src-address=10.1.157.0/24 in-interface=ether8 log=no log-prefix=“”

8 ;;; Drop Input
chain=input action=drop log=yes log-prefix=“Input Drop”

9 ;;; Fast Track Established / Related Forward
chain=forward action=fasttrack-connection connection-state=established,related log=no log-prefix=“”

10 ;;; Accept Established and Related Forward
chain=forward action=accept connection-state=established,related log=no log-prefix=“”

11 ;;; Allow client traffic on WAN
chain=forward action=accept src-address=192.168.1.0/24 in-interface=bridge1 out-interface=ether5 log=no log-prefix=“”

12 ;;; Drop Bogon Forward → Ether5
chain=forward action=drop src-address-list=bogons in-interface=ether5 log=yes log-prefix=“Bogon Forward Drop”

13 ;;; Drop All Forward
chain=forward action=drop log=no log-prefix=“”

I would appreciate any help!

Thanks,

Brandon