mikrotik openvpn problem

Hello,
I have OpenVPN server I try to set a mikrotik as client ….  but the connection not established.
for example I using this profile :
###############################
# FreeOpenVPN.Org config file #
# https://www.freeopenvpn.org #
###############################
dev tun
proto tcp
remote 136.25.x.x 1890
cipher AES-128-CBC
auth SHA1
resolv-retry infinite
nobind
persist-key
persist-tun
client
verb 3
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
</key>

Open in new window

but it's not work ….
should I use user name and password ?
it there any configuration I should use it from server side ?
thanks.
Amin El-ZeinAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
You should try to read the log file. It should identify the main reason for connection failure.
It can also help if you run OpenVPN client on a PC for test, as that is usually easier to debug.
0
Amin El-ZeinAuthor Commented:
on pc it's work , on mikrotik it's get my duplicated packet dropping….
does mikrotik workout  password ?
0
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
Duplicated packets? Which ones - establishing the connection or transferring data?
And why should "password" change anything?
0
Webinar: Miercom Evaluates Wi-Fi Security

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom how WatchGuard's Wi-Fi security stacks up against the competition in our upcoming webinar!

Amin El-ZeinAuthor Commented:
hello,
as I read on the other forums over internet , that the connection should have user name and password and it's not working without password.... in case we are using client cert.
thanks,
0
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
I don't know how mikrotik or freeOpenVPN manages its connections, but OpenVPN itself does not allow for providing user name and password in the config file. That only works if it uses a management connection, whose port then needs to be configured either on command line or in the config file (in short, as part of the client config).
And then you need to have user authentication as requirement on the server side.

So doing that adds complexity on both ends. I do not see any reason why it should work better with explicit authentication, and you cannot just decide if to use it or not - both ends need to be configured the same.
0
Amin El-ZeinAuthor Commented:
i give you an example of client configuration file that is not working on mikrotik … but in other profile it's work if the server required user and password.
thanks.
0
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
Sorry, but you mix up concepts and configurations, and so I'm not able to understand what your issues are.

If the server requires a user and password, you need to provide it. If it does not, you do not. That one is simple. And it is not related to duplicate packets, as you wrote in #a42701348.

The Mikrotik OpenVPN Wiki at https://wiki.mikrotik.com/wiki/OpenVPN describes the command for starting a client with user authentication - if that is the solution here. Easy to check out.
0
Amin El-ZeinAuthor Commented:
Hello,
I think that you didn't understand me
I have OpenVPN access server …
I disbaled the tls authentication but mikrotik as client still not working and not connected... no error just P Control_ Hard Reeset V2
 so where the problem
?
could please give me the correct conf for openvpen access server and mikrotik ?
thanks.
0
Amin El-ZeinAuthor Commented:
hello,
the problem was because mk doesn't support tls AUTH
I add a chipper and auth parameter to open vpn access server and its work fine.
thanks.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.