Folks,
I’ve successfully configured OpenVPN links between a number of Mikrotik routers (with firewalls disabled) BUT once I put the firewall back in place the connections fail.
The firewalls are set to pass, per widely available documentation, tcp to ports 1194 and 5000 and udp to ports 1194 and 5000 (notwithstanding the fact that current Mikrotik documentation suggests that only tcp is used).
All other traffic is then dropped.
Once that last rule is enabled the OpenVPN connections drop.
The firewall works on input packets to the router only and permits packets from any source to ports 1194 or 5000 respectively with both tcp and udp.
I can find no reference to OpenVPN needing any other ports.
Any thoughts as to what I am missing?
The network is running BUT obviously I don’t want to leave the firewall open any longer than necessary as two of these routers are connected directly to the internet.
Cheers
Ian