I just set up my first MikroTik router (RB3011) to replace my Debian router/firewall box and I’m trying to get OVPN set up.
I’m using the default configuration, I’ve created a user and IP pool for VPN, etc.
I can connect to the VPN with my Android Phone using OpenVPN Connect, but that’s as far as it gets.
When the device connects, it gets an address from the pool (192.168.175.X).
I see a /32 route added automatically when the device connects and that says the gateway () is reachable.
I have the srcnat masquerade rule in place for the VPN IP range.
When the client is connected, machines on my LAN can ping the VPN gateway address (182.168.175.1).
However, they cannot ping the phone’s address, and the phone cannot ping them or the gateway address.
I’m guessing I’m missing something fairly simple, but I’m a bit at a loss as to what it might be, especially since I’m new to RouterOS and its ovpn implementation, since my last setup was a full OpenVPN server on the previous box and had a permanent tun device as the VPN gateway IP.
Here’s my current client config:
dev tun
proto tcp-client
remote myserver 1194
tls-client
user nobody
group nogroup
#comp-lzo # Do not use compression.
# More reliable detection when a system loses its connection.
ping 15
ping-restart 45
ping-timer-rem
persist-tun
persist-key
mute-replay-warnings
verb 3
cipher BF-CBC
auth SHA1
pull
ca MyCA.crt
auth-user-pass auth.cfg
Thanks!