Hi Group I have been trying out Mikrotik’s RouterOS v7 specifically to test UDP OpenVPN. I have set up OpenVPN from my Home Office router (OpenVPN Client) to my hosted Astlinux (OpenVPN Server) for telephony purposes only. The connection has come up fine and I can ping the OpenVPN addresses each way from the terminating devices but I cant for the life of me get connectivity working from the Home Office LAN to the Astlinux OpenVPN address. OpenVPN Subnet: 172.28.253.0/24. Astlinux gateway .1 Home Office LAN: 172.16.16.0/24
I have set up the iroute file: 3000-IPC_Prod-CM1 kd # cat openvpn/ccd/IPC_Home_Office iroute 172.16.16.0 255.255.255.0 3000-IPC_Prod-CM1 kd # ip route default via 221.121.132.145 dev eth0 172.16.16.0/24 via 172.28.253.1 dev tun0 172.28.253.0/24 dev tun0 proto kernel scope link src 172.28.253.1 ....... ### gui.openvpn.conf - start ### ### ### Auth Method OVPN_USER_PASS_VERIFY="no" ### Device OVPN_DEV="tun0" ### Port Number OVPN_PORT="1194" ### Protocol OVPN_PROTOCOL="udp" ### Log Verbosity OVPN_VERBOSITY="4" ### Compression OVPN_LZO="no" ### QoS Passthrough OVPN_QOS="yes" ### Cipher OVPN_CIPHER="" ### Auth HMAC OVPN_AUTH="" ### Allowed External Hosts OVPN_TUNNEL_HOSTS="0/0" ### Client Isolation OVPN_CLIENT_ISOLATION="no" ### Server Hostname OVPN_HOSTNAME="30000.ipcaccess.net" ### Server IPv4 Network OVPN_SERVER="172.28.253.0 255.255.255.0" ### Server IPv6 Network OVPN_SERVERV6="" ### Topology OVPN_TOPOLOGY="subnet" ### Server Push OVPN_PUSH=" " ### Raw Commands OVPN_OTHER=" topology p2p route-gateway 172.28.253.1 route 172.16.16.0 255.255.255.0 " ### Private Key Size OVPN_CERT_KEYSIZE="2048" ### Signature Algorithm OVPN_CERT_ALGORITHM="sha256" ### CA File OVPN_CA="/mnt/kd/openvpn/webinterface/keys/ca.crt" ### CERT File OVPN_CERT="/mnt/kd/openvpn/webinterface/keys/server.crt" ### Key File OVPN_KEY="/mnt/kd/openvpn/webinterface/keys/server.key" ### DH File OVPN_DH="/mnt/kd/openvpn/webinterface/dh1024.pem" ### TLS-Auth File OVPN_TA="" ### Valid Clients OVPN_VALIDCLIENTS=" ........... IPC_Home_Office " ### gui.openvpn.conf - end ### I have looked at the firewall log on the Mikrotik and nothing comes up as being denied. Any ideas on where to go next? Yes I realise it's a Beta version but as I can ping the OpenVPN address each way, it just seems to be a routing problem. Thanks all. Regards Michael Knill
_______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
