I tried my best to resolve & research my issue but could not find the solution. I am running OpenVPN Access Server v. 2.1.4b and trying to connect my Mikrotik with RouterOS 6.37rc12.
I have generated the autologin certificates for the user and imported it to Mikrotik. I am able to estabish the vpn connection but there is no traffic.
This is caused by (i assume) a compression error.
Code: Select all
2017-03-20 17:24:37+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:37 2017 TCP connection established with [AF_INET]XX.XX.XXX.XXX:53003'
2017-03-20 17:24:37+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:37 2017 XX.XX.XXX.XXX:53003 TLS: Initial packet from [AF_INET]XX.XX.XXX.XXX:53003, sid=cfc8efa7 1f12463d'
2017-03-20 17:24:39+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:39 2017 XX.XX.XXX.XXX:53003 VERIFY OK: depth=1, /CN=OpenVPN CA'
2017-03-20 17:24:39+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:39 2017 XX.XX.XXX.XXX:53003 VERIFY OK: nsCertType=CLIENT'
2017-03-20 17:24:39+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:39 2017 XX.XX.XXX.XXX:53003 VERIFY OK: depth=0, /CN=USER'
2017-03-20 17:24:39+0000 [-] OVPN 1 OUT: "Mon Mar 20 17:24:39 2017 XX.XX.XXX.XXX:53003 WARNING: 'keydir' is present in local config but missing in remote config, local='keydir 1'"
2017-03-20 17:24:39+0000 [-] OVPN 1 OUT: "Mon Mar 20 17:24:39 2017 XX.XX.XXX.XXX:53003 WARNING: 'tls-auth' is present in local config but missing in remote config, local='tls-auth'"
2017-03-20 17:24:40+0000 [-] AUTH SUCCESS {'status': 0, 'reason': 'PAM auth succeeded', 'serial_list': [], 'user': u'USER', 'proplist': {u'prop_autologin': u'true', u'type': u'user_connect', u'prop_autogenerate': u'true'}, 'common_name': u'USER', 'serial': '2'} cli=''/''
2017-03-20 17:24:40+0000 [-] OVPN 1 OUT: "Mon Mar 20 17:24:40 2017 MANAGEMENT: CMD 'client-auth 0 0'"
2017-03-20 17:24:40+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:40 2017 XX.XX.XXX.XXX:53003 Control Channel: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA'
2017-03-20 17:24:40+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:40 2017 XX.XX.XXX.XXX:53003 [USER] Peer Connection Initiated with [AF_INET]XX.XX.XXX.XXX:53003'
2017-03-20 17:24:40+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:40 2017 USER/XX.XX.XXX.XXX:53003 OPTIONS IMPORT: compression parms modified'
2017-03-20 17:24:40+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:40 2017 USER/XX.XX.XXX.XXX:53003 MULTI: Learn: 172.27.228.2 -> USER/XX.XX.XXX.XXX:53003'
2017-03-20 17:24:40+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:40 2017 USER/XX.XX.XXX.XXX:53003 MULTI: primary virtual IP for USER/XX.XX.XXX.XXX:53003: 172.27.228.2'
2017-03-20 17:24:40+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:40 2017 USER/XX.XX.XXX.XXX:53003 send_push_reply(): safe_cap=940'
2017-03-20 17:24:40+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:40 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
2017-03-20 17:24:41+0000 [-] OVPN 1 OUT: 'Mon Mar 20 17:24:41 2017 USER/XX.XX.XXX.XXX:53003 Bad compression stub decompression header byte: 69'
Code: Select all
-opt-verify
-tls-auth
-comp-lzo no
auth none
mssfix
This is my Mikrotik configuration:
This is the PPP profile:
Code: Select all
Flags: * - default
0 * name="default" remote-ipv6-prefix-pool=*0 use-ipv6=yes use-mpls=default use-compression=no use-encryption=default only-one=default change-tcp-mss=yes use-upnp=default
address-list="" on-up="" on-down=""
Code: Select all
Flags: X - disabled, R - running
0 X name="ovpn-out1" mac-address=XX:XX:XX:XX:XX:XX max-mtu=1500 connect-to=XX.XXX.XXX.XXX port=443 mode=ip user="USER" password="XXXXXXXXX" profile=default
certificate=client.crt_0 auth=null cipher=blowfish128 add-default-route=yes
Maybe this question is already answered but i couldnt find anything
Please point me to the right direction.
Thanks and BR
Chris