OVPN 7.10.1

xabaras · July 11, 2023, 9:14am

I’m experimenting with version 7.x in particular 7.10.1

Routings let’s say they work, I still have to study but everything seems to work.

I’m having problems with OVPN though

The client connects but then doesn’t seem to surf the lan. as if proxy-arp doesn’t work

I do not understand. I tried a very simple configuration

2023-07-10 18:44:54 by RouterOS 7.10.1

software id = H685-EVH0

model = RB4011iGS+

serial number = HDH08ZH69EA

/interface bridge
add arp=proxy-arp name=lan
/interface pppoe-client
add disabled=no interface=ether10 name=pppoe-isp1 user=XY1234567
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_Pool_Lan ranges=192.168.32.101-192.168.32.139
/port
set 0 name=serial0
set 1 name=serial1
/ppp profile
add bridge=lan local-address=192.168.32.1 name=profileOVPN remote-address=
dhcp_Pool_Lan
/interface bridge port
add bridge=lan interface=ether1
add bridge=lan interface=ether2
add bridge=lan interface=ether3
add bridge=lan interface=ether4
add bridge=lan interface=ether5
add bridge=lan interface=ether6
add bridge=lan interface=ether7
add bridge=lan interface=ether8
add bridge=lan interface=ether9
/interface ovpn-server server
set auth=sha1 certificate=OVPNServer.crt_0 cipher=aes256-cbc
default-profile=profileOVPN enabled=yes redirect-gateway=“”
/ip address
add address=192.168.32.1/24 interface=lan network=192.168.32.0
/ip dns
set servers=8.8.8.8,1.1.1.1
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-isp1
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=pppoe-isp1 routing-table=main
suppress-hw-offload=no
/ip service
set telnet disabled=yes
set www disabled=yes
/ppp secret
add name=testOVPN profile=profileOVPN service=ovpn
/system clock
set time-zone-name=Europe/Rome
/system note
set show-at-login=no
/system routerboard settings
set enter-setup-on=delete-key

I also tried with the develope 7.11beta4 version but the problem is not resolved.

Am I doing something wrong? On version 6.49.8 it works correctly

spippan · July 11, 2023, 11:26am

it might be a problem you addressing the VPN clients within the same subnet as the LAN clients

EDIT: the routing engine in ros v7 is different from v6, so that might impact that config

chaynick · July 11, 2023, 3:15pm

Got same issue on hex S. Looks like bug, as far as i checked there is a problem on server-side OVPN in 7.10 - no data tranfer between interfaces. Try to downgrade to 7.9 release.

xabaras · July 11, 2023, 5:28pm

True
With 7.9.2 it works correctly

I also tried with 7.11beta4 and it still didn’t work.

Are the developers unaware of the bug?

Gadulowaty · July 14, 2023, 5:34pm

For 7.10 fw please check if after connecting through ovpn - created ovpn interface on server side gets assigned server side ip address. In ip/addresses table should be marked as dynamic. If not then this definitly is fw bug (i have same problem)