Community discussions

MikroTik App
 
DonPablo
just joined
Topic Author
Posts: 2
Joined: Fri Jun 03, 2022 4:17 pm

OpenVPN Client2Site - TLS Fail

Mon Jun 06, 2022 5:22 pm

Hello,
I'm trying to use OpenVPN config file, which worked just fine when used in pc app, but I dont know why I'm getting
ovpn-out1: terminating... - TLS failed
in logs
dev tun
persist-tun
persist-key
cipher AES-128-CBC
ncp-ciphers AES-128-GCM
auth SHA256
tls-client
client
resolv-retry infinite
remote XXX.XX.XXX.XXX 1194 udp
verify-x509-name "THE_NAME" name
auth-user-pass
remote-cert-tls server

<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
</key>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
...
-----END OpenVPN Static key V1-----
</tls-auth>
I Imported ovpn file as certificates, and i got Trusted certificate, and Trusted Key,

But I think the problem is in
2048 bit OpenVPN static key
becase I didn't use it in any way.

Can I get any advice?

I red earlier that TLS doesn't work on RouterOS, but that can refer to different case.

I'm on RouterOS 7.2.3
 
Sob
Forum Guru
Forum Guru
Posts: 9121
Joined: Mon Apr 20, 2009 9:11 pm

Re: OpenVPN Client2Site - TLS Fail  [SOLVED]

Tue Jun 07, 2022 3:03 am

Unfortunately for you, even latest RouterOS doesn't support tls-auth.
 
DonPablo
just joined
Topic Author
Posts: 2
Joined: Fri Jun 03, 2022 4:17 pm

Re: OpenVPN Client2Site - TLS Fail

Tue Jun 07, 2022 10:29 am

Unfortunately for you, even latest RouterOS doesn't support tls-auth.
OK, Thank You For your answer.
Have a nice day : - )

Edit:
Do we know, when tls-auth support can be expected?
 
rndm
just joined
Posts: 13
Joined: Wed Nov 09, 2022 11:09 pm

Re: OpenVPN Client2Site - TLS Fail

Tue Nov 29, 2022 12:43 pm

Unfortunately for you, even latest RouterOS doesn't support tls-auth.
Any updates on this from Mikrotik team?
 
mcwnuq
just joined
Posts: 3
Joined: Sun Jan 22, 2023 1:46 am

Re: OpenVPN Client2Site - TLS Fail

Mon Nov 13, 2023 7:21 pm

It is implemented in 7.12 and it works, thank you MikroTik team!
 
lendy007
just joined
Posts: 1
Joined: Mon May 13, 2024 4:58 pm

Re: OpenVPN Client2Site - TLS Fail

Mon May 13, 2024 5:00 pm

@mcwnuq would you mind sharing some example client config file with tls-auth which is working with Mikrotik? I am trying multiple times modifying client config file which I am using for Windows computers, it is imported, but when I try to connect, I see in OpenVPN server logs:
TLS Error: incoming packet authentication failed from [AF_INET]

Who is online

Users browsing this forum: Bing [Bot], mktbm and 21 guests