i'm toying with the idea of moving from cisco to MT.
i have an MT-in-vm setup.
i'd like to use MT to serve as openVPN server.
my problem is, i can't connect windows openVPN connect (v 2.1.3.111) to the openvpn server.
here's the client log:
Wed Jul 18 15:27:02 2018 Wed Jul 18 15:27:02 2018 OpenVPN Management Interface 1.0.0/3.1.1 win x86_64 64-bit [PolarSSL] built on Sep 29 2016 14:26:53
Wed Jul 18 15:27:02 2018 Wed Jul 18 15:27:02 2018 OMI Connecting to [127.0.0.1]:57006 [tcp]
Wed Jul 18 15:27:04 2018 Wed Jul 18 15:27:04 2018 Frame=512/2048/512 mssfix-ctrl=1250
Wed Jul 18 15:27:04 2018 Wed Jul 18 15:27:04 2018 RESOLVE
Wed Jul 18 15:27:04 2018 Wed Jul 18 15:27:04 2018 Contacting x.x.x.x:1194 via TCP
Wed Jul 18 15:27:04 2018 Wed Jul 18 15:27:04 2018 WAIT
Wed Jul 18 15:27:04 2018 Wed Jul 18 15:27:04 2018 Connecting to [x.x.x.x]:1194 (x.x.x.x) via TCPv4
Wed Jul 18 15:27:04 2018 Wed Jul 18 15:27:04 2018 CONNECTING
Wed Jul 18 15:27:04 2018 Wed Jul 18 15:27:04 2018 Tunnel Options:V4,dev-type tun,link-mtu 1543,tun-mtu 1500,proto TCPv4_CLIENT,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client
Wed Jul 18 15:27:04 2018 Wed Jul 18 15:27:04 2018 Creds: Username/Password
Wed Jul 18 15:27:04 2018 Wed Jul 18 15:27:04 2018 Peer Info:
IV_GUI_VER=ovpnmi 1.0.0
IV_VER=3.1.1
IV_PLAT=win
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
UV_ASCLI_VER=UV_ASCLI_VER
UV_PLAT_REL=UV_PLAT_REL
IV_BS64DL=1
Wed Jul 18 15:27:04 2018 Wed Jul 18 15:27:04 2018 VERIFY OK: depth=1
cert. version : 3
serial number : 43:4E:A2:2D:45:DF:55:46
issuer name : CN=myCa
subject name : CN=myCa
issued on : 2018-07-12 17:52:07
expires on : 2019-07-12 17:52:07
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Key Cert Sign, CRL Sign
Wed Jul 18 15:27:04 2018 Wed Jul 18 15:27:04 2018 VERIFY OK: depth=0
cert. version : 3
serial number : 60:54:4D:09:03:08:51:69
issuer name : CN=myCa
subject name : CN=server
issued on : 2018-07-12 17:52:23
expires on : 2019-07-12 17:52:23
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Digital Signature, Key Encipherment, Data Encipherment, Key Cert Sign, CRL Sign
ext key usage : TLS Web Server Authentication, TLS Web Client Authentication
Wed Jul 18 15:27:05 2018 Wed Jul 18 15:27:05 2018 TCP recv EOF
Wed Jul 18 15:27:05 2018 Wed Jul 18 15:27:05 2018 Transport Error: Transport error on 'x.x.x.x: NETWORK_EOF_ERROR
Wed Jul 18 15:27:05 2018 Wed Jul 18 15:27:05 2018 TRANSPORT_ERROR : Transport error on 'x.x.x.x: NETWORK_EOF_ERROR [ERR]
Wed Jul 18 15:27:05 2018 Wed Jul 18 15:27:05 2018 Client terminated, restarting in 5...
From the server, it look like the client gave up.
i've tried using self-signed self created cert (and importing the ca into my windows machine), and i've tried using my godaddy domain cert (still kindda gray for me as go daddy ca is 3 levels deep).
also, i managed to connect using android openvpn, but not windows openvpn connect... (i've tried multiple different machines with different openvpn client version)
has anybody done it? any pointer?