Struggling to establish working vpn connections with mikrotik routers as clients (satellite offices with dynamic IPs) and linux servers (static IP).
My attempts so far:
OpenVPN
(routed openvpn). ovpn-client to linux openvpn server was working as of 5.**. After upgrading to 6.32 ovpn-client seems to be broken. According to linux logs, connections get established correctly, but no pings get through. I.e., far-end end-points do not respond to pings on either side. As the endpoints are added directly to the routing tables, this is not a routing issue.
l2tp
Mikrotik client to mikrotik server works.
When attempting to connect to linux server, xl2tpd has a lot to complain about in the logs but this is what seems the most critical:
Dec 29 14:09:28 vps xl2tpd[30468]: result_code_avp: avp is incorrect size. 8 < 10
Dec 29 14:09:28 vps xl2tpd[30468]: handle_avps: Bad exit status handling attribute 1 (Result Code) on mandatory packet.
Dec 29 14:09:28 vps xl2tpd[30468]: Terminating pppd: sending TERM signal to pid 5751
As of 6.33; it is impossible to establish l2tp connections between mikrotik clients and linux servers.
ipsec
The only thing working in 6.32 is ipsec tunnels, however:
- They are too slow (half the transfer rate of unencrypted using aes128)
- They are only initiated on demand from the client side
- SAs need to be manually flushed for one of the connections after it goes down periodically
Overall; upgrading to 6.33 and getting new routerboards has been a disappointment. Openwrt would have been a better choice at this point, although much less convenient. The configuration interfaces in routeros is the best I’ve seen.
Wish you best of luck in improving routeros and fixing these problems.
