Hi,
I made configs to OpenVPN in my ROS exactly as http://wiki.mikrotik.com/wiki/OpenVPN , with Linux Client it works FINE, but with windows client o have this error :
Tue Aug 26 11:57:16 2008 OpenVPN 2.1_rc9 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Jul 31 2008
Tue Aug 26 11:57:16 2008 Sorry, ‘Auth’ password cannot be read from a file
Tue Aug 26 11:57:16 2008 Exiting
Any idea how to slove this???
PPLLLEEEAAASSSEEEE HEEELLLPPPPP
BR
Mauricio
Tue Aug 26 11:57:16 2008 Sorry, ‘Auth’ password cannot be read from a file
It explains everything.
On windows you are not allowed to read authentication data from file like in linux. Remove line auth-user-pass auth.cfg from ovpn configuration file.
Ok, but if i remove, how to send user/password do ROS OVPN server???
BR
Actually this feature is disabled by default (according to ovpn changelog).
You would have to rebuild OpenVPN on Windows with the --enable-password-save option.
Look at building from source section.
http://openvpn.net/index.php/documentation/install.html?start=1
routeros’s openvpn server work fine with openvpn 2.0,but can’t support “openvpn 2.1 client”,when i connect to ovpn server,log is:
Thu Aug 28 14:38:35 2008 us=468000 OpenVPN 2.1_rc9 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Jul 31 2008
Thu Aug 28 14:38:38 2008 us=375000 WARNING: No server certificate verification method has been enabled. See > http://openvpn.net/howto.html#mitm > for more info.
Thu Aug 28 14:38:38 2008 us=390000 Control Channel MTU parms [ L:1591 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Aug 28 14:38:38 2008 us=390000 Data Channel MTU parms [ L:1591 D:1450 EF:59 EB:4 ET:32 EL:0 ]
Thu Aug 28 14:38:38 2008 us=390000 Local Options String: ‘V4,dev-type tap,link-mtu 1591,tun-mtu 1532,proto TCPv4_CLIENT,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client’
Thu Aug 28 14:38:38 2008 us=390000 Expected Remote Options String: ‘V4,dev-type tap,link-mtu 1591,tun-mtu 1532,proto TCPv4_SERVER,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server’
Thu Aug 28 14:38:38 2008 us=390000 Local Options hash (VER=V4): ‘b60e7885’
Thu Aug 28 14:38:38 2008 us=390000 Expected Remote Options hash (VER=V4): ‘fbeb66e6’
Thu Aug 28 14:38:38 2008 us=390000 Attempting to establish TCP connection with 192.168.0.1:1194
Thu Aug 28 14:38:38 2008 us=390000 TCP connection established with 192.168.0.1:1194
Thu Aug 28 14:38:38 2008 us=390000 Socket Buffers: R=[0->0] S=[0->0]
Thu Aug 28 14:38:38 2008 us=390000 TCPv4_CLIENT link local: [undef]
Thu Aug 28 14:38:38 2008 us=390000 TCPv4_CLIENT link remote: 192.168.0.1:1194
Thu Aug 28 14:38:38 2008 us=406000 TLS: Initial packet from 192.168.0.1:1194, sid=7b767639 0b351900
Thu Aug 28 14:38:38 2008 us=406000 WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
Thu Aug 28 14:38:38 2008 us=671000 VERIFY ERROR: could not extract Common Name from X509 subject string ('/C=CA/ST=NA/L=CHO/O=OpenVPN-GTR/emailAddress=> webmaster@test.com> ') – note that the Common Name length is limited to 64 characters
Thu Aug 28 14:38:38 2008 us=671000 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Thu Aug 28 14:38:38 2008 us=671000 TLS Error: TLS object → incoming plaintext read error
Thu Aug 28 14:38:38 2008 us=671000 TLS Error: TLS handshake failed
Thu Aug 28 14:38:38 2008 us=671000 Fatal TLS error (check_tls_errors_co), restarting
Thu Aug 28 14:38:38 2008 us=671000 TCP/UDP: Closing socket
Thu Aug 28 14:38:38 2008 us=671000 SIGUSR1[soft,tls-error] received, process restarting
Thu Aug 28 14:38:38 2008 us=671000 Restart pause, 5 second(s)
Thu Aug 28 14:38:43 2008 us=671000 WARNING: No server certificate verification method has been enabled. See > http://openvpn.net/howto.html#mitm > for more info.
Thu Aug 28 14:38:43 2008 us=671000 Control Channel MTU parms [ L:1591 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Aug 28 14:38:43 2008 us=671000 Data Channel MTU parms [ L:1591 D:1450 EF:59 EB:4 ET:32 EL:0 ]
Thu Aug 28 14:38:43 2008 us=671000 Local Options String: ‘V4,dev-type tap,link-mtu 1591,tun-mtu 1532,proto TCPv4_CLIENT,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client’
Thu Aug 28 14:38:43 2008 us=671000 Expected Remote Options String: ‘V4,dev-type tap,link-mtu 1591,tun-mtu 1532,proto TCPv4_SERVER,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server’
Thu Aug 28 14:38:43 2008 us=671000 Local Options hash (VER=V4): ‘b60e7885’
Thu Aug 28 14:38:43 2008 us=671000 Expected Remote Options hash (VER=V4): ‘fbeb66e6’
Thu Aug 28 14:38:43 2008 us=671000 Attempting to establish TCP connection with 192.168.0.1:1194
Thu Aug 28 14:38:43 2008 us=671000 TCP/UDP: Closing socket
Thu Aug 28 14:38:43 2008 us=671000 SIGTERM[hard,init_instance] received, process exiting
follwing the instructions i only get this error while compile openvpn.. 
$ make -f makefile.w32
gcc -g -O2 -Wall -Wno-unused-function -Wno-unused-variable -mno-cygwin -I/c/src/openssl-0.9.7k/include -I/c/src/lzo-1.08/include -c cryptoapi.c -o cryptoapi.o
In file included from C:/msys/1.0/mingw/bin/../lib/gcc/mingw32/3.4.5/../../../../include/openssl/crypto.h:131,
from C:/msys/1.0/mingw/bin/../lib/gcc/mingw32/3.4.5/../../../../include/openssl/comp.h:5,
from C:/msys/1.0/mingw/bin/../lib/gcc/mingw32/3.4.5/../../../../include/openssl/ssl.h:176,
from cryptoapi.c:35:
C:/msys/1.0/mingw/bin/../lib/gcc/mingw32/3.4.5/../../../../include/openssl/ossl_typ.h:176: error: syntax error before numeric constant
cryptoapi.c: In functionSSL_CTX_use_CryptoAPI_certificate': cryptoapi.c:368: warning: passing arg 2 ofd2i_X509’ from incompatible pointer type
make: *** [cryptoapi.o] Error 1
any idea how to slove??? or where can i get a precompiled version with the right opetions???
BR
Yes, i need this too and compilling i have the same problem, any solution?