OpenVPN problems.

valsha · May 6, 2015, 5:52pm

Good day, i’m install and setup OpenVPN on mikrotik 6.28.
Generate certificates build-ca, build-key-server, build-key, install this certificates on my ROS box.
Download vpn client from https://openvpn.net/index.php/download/community-downloads.html OpenVPN 2.3.6
When i am trying to connect to my Ovnp box i can see in log this problem:

Wed May 06 01:50:28 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed May 06 01:50:28 2015 Attempting to establish TCP connection with [AF_INET]xxxxxxx:1194 [nonblock]
Wed May 06 01:50:28 2015 MANAGEMENT: >STATE:1430866228,TCP_CONNECT,,,
Wed May 06 01:50:29 2015 TCP connection established with [AF_INET]xxxxxxxxx:1194
Wed May 06 01:50:29 2015 TCPv4_CLIENT link local: [undef]
Wed May 06 01:50:29 2015 TCPv4_CLIENT link remote: [AF_INET]xxxxxxxxxxxx:1194
Wed May 06 01:50:29 2015 MANAGEMENT: >STATE:1430866229,WAIT,,,
Wed May 06 01:50:29 2015 MANAGEMENT: >STATE:1430866229,AUTH,,,
Wed May 06 01:50:29 2015 TLS: Initial packet from [AF_INET]xxxxxxxxxxxx:1194, sid=caa3d264 d869ad15
Wed May 06 01:50:29 2015 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=OpenVPN, OU=changeme, CN=OpenVPS, name=changeme, emailAddress=mail@host.domain
Wed May 06 01:50:29 2015 Validating certificate key usage
Wed May 06 01:50:29 2015 ++ Certificate has key usage  00a0, expects 00a0
Wed May 06 01:50:29 2015 VERIFY KU OK
Wed May 06 01:50:29 2015 Validating certificate extended key usage
Wed May 06 01:50:29 2015 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Wed May 06 01:50:29 2015 VERIFY EKU OK
Wed May 06 01:50:29 2015 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=OpenVPN, OU=changeme, CN=server, name=changeme, emailAddress=mail@host.domain
Wed May 06 01:50:29 2015 Connection reset, restarting [0]
Wed May 06 01:50:29 2015 SIGUSR1[soft,connection-reset] received, process restarting
Wed May 06 01:50:29 2015 MANAGEMENT: >STATE:1430866229,RECONNECTING,connection-reset,,
Wed May 06 01:50:29 2015 Restart pause, 5 second(s)
Wed May 06 01:50:31 2015 SIGTERM[hard,init_instance] received, process exiting
Wed May 06 01:50:31 2015 MANAGEMENT: >STATE:1430866231,EXITING,init_instance,,

Client box is Win7 64 bit, openvpn config is:

client
dev tap
proto tcp-client
proto tcp
remote xxxxxxxxxxxx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ns-cert-type server
verb 3
auth-user-pass

ca ca.crt
cert valsha.crt
key valsha.key

cipher AES-256-CBC
auth SHA1

valsha · May 8, 2015, 10:29am

Hi, i think something wrong with mikrotik 6.28. I try setup mikrotik 6.15 with a same certificates and config, and all is fine. No any problems.