Community discussions

MikroTik App
  4. RouterOS
  5. General

my traffic doesnt pass through open vpn  [SOLVED]

Post Reply
 
Mehrdadx
newbie
Topic Author
Posts: 49
Joined: Thu Mar 17, 2022 7:16 am

my traffic doesnt pass through open vpn

Thu Mar 17, 2022 12:02 pm

Hi guys

i live in iran and here we need to use vpn to reach free internet, so i bought a mikrotik server in france and configured it for Open VPN.
but i have a problem: i can connect to server (windows and android) but i cant open censored websites, in fact my ip wont change to vpn server's IP and seems my traffic is not going through vpn tunnel.

i config my mikrotik server with this video https://www.youtube.com/watch?v=WzApPcz ... =techieLAB

my client config file:
Code: Select all
client 
dev tun 
proto udp-client 
remote x.x.230.10 port 1993
persist-key 
persist-tun 
nobind 
tls-client 
remote-cert-tls server 
ca ca.crt 
cert client.crt 
key client.key 
redirect-gateway def1 
verb 4 
mute 10 
cipher AES-128-CBC 
auth SHA1 
auth-user-pass secret 
auth-nocache
what i must do ?
Top
 
Mehrdadx
newbie
Topic Author
Posts: 49
Joined: Thu Mar 17, 2022 7:16 am

Re: my traffic doesnt pass through open vpn

Fri Mar 18, 2022 9:04 am

how can i enable "Push redirect-gateway def1" command in mikrotik ?
Top
 
Mehrdadx
newbie
Topic Author
Posts: 49
Joined: Thu Mar 17, 2022 7:16 am

Re: my traffic doesnt pass through open vpn

Thu Apr 07, 2022 1:11 pm

hello again

no any solution ?
Top
 
User avatar
sindy
Forum Guru
Forum Guru
Posts: 11418
Joined: Mon Dec 04, 2017 9:19 pm

Re: my traffic doesnt pass through open vpn  [SOLVED]

Thu Apr 07, 2022 5:11 pm

RouterOS does not support pushing routes in OpenVPN. You have to configure the route manually - after the client connects, run
route add 0.0.0.0 MASK 0.0.0.0 ip.of.the.gw from command line. You may have to add a route to your Mikrotik in France and remove the existing default route.
Top
 
Mehrdadx
newbie
Topic Author
Posts: 49
Joined: Thu Mar 17, 2022 7:16 am

Re: my traffic doesnt pass through open vpn

Thu Apr 07, 2022 9:51 pm

RouterOS does not support pushing routes in OpenVPN. You have to configure the route manually - after the client connects, run
route add 0.0.0.0 MASK 0.0.0.0 ip.of.the.gw from command line. You may have to add a route to your Mikrotik in France and remove the existing default route.
so bad :(
problem is we cant do it on phones
Top
 
User avatar
sindy
Forum Guru
Forum Guru
Posts: 11418
Joined: Mon Dec 04, 2017 9:19 pm

Re: my traffic doesnt pass through open vpn

Thu Apr 07, 2022 10:15 pm

You can try Wireguard instead of OpenVPN, or you can run a linux VM instead of CHR in France.

But I've just tried the "OpenVPN for Android" application - it allows to configure routing of everything via the tunnel no matter whether the server pushes a route list. In fact, it is even the default setting.
Top
 
Mehrdadx
newbie
Topic Author
Posts: 49
Joined: Thu Mar 17, 2022 7:16 am

Re: my traffic doesnt pass through open vpn

Fri Apr 08, 2022 8:48 pm

You can try Wireguard instead of OpenVPN, or you can run a linux VM instead of CHR in France.

But I've just tried the "OpenVPN for Android" application - it allows to configure routing of everything via the tunnel no matter whether the server pushes a route list. In fact, it is even the default setting.
i am trying wiregaurd too, yea wireguard is very better. configuring linux is too hard, i prefer mikrotik CHR. however i know there is a better solution: Pfsense but again there is a problem with pfsense, in Iran the sites that sells VPS doesn't provide Pfsense.
Top
 
User avatar
sindy
Forum Guru
Forum Guru
Posts: 11418
Joined: Mon Dec 04, 2017 9:19 pm

Re: my traffic doesnt pass through open vpn

Fri Apr 08, 2022 9:28 pm

I'm not sure I get the point with pfSense - to my understanding, it is an operating system like RouterOS, not a VPN protocol like OpenVPN or Wireguard. So installing a virtual pfSense instead of CHR and configuring OpenVPN on it might be easier than using a general purpose Linux distribution. And I am totally lost regarding sites selling VPNs - how is that related to your case where you operate a VPN server yourself?
Top
 
User avatar
tangent
Forum Guru
Forum Guru
Posts: 1687
Joined: Thu Jul 01, 2021 3:15 pm
Contact:
Contact tangent

Re: my traffic doesnt pass through open vpn

Fri Apr 08, 2022 11:43 pm

I am totally lost regarding sites selling VPNs

“VPS,” not VPN: Virtual Private Server, a la Digital Ocean, Linode, Rackspace… A type of VM specialized for single-instance hosting, as contrasted with 1990s style shared hosting or all this new-fangled cloud stuff.

A VPS gives you a choice of host OS, potentially including pfSense, CHR, your Linux distribution of choice, etc…
Top
 
User avatar
sindy
Forum Guru
Forum Guru
Posts: 11418
Joined: Mon Dec 04, 2017 9:19 pm

Re: my traffic doesnt pass through open vpn

Fri Apr 08, 2022 11:50 pm

Ah, yes, I need better glasses :)

But as the CHR is running somewhere in France, I didn't even think that the "in Iran the sites that sells VPS doesn't provide Pfsense" statement could be related to the hosting.
Top
 
Mehrdadx
newbie
Topic Author
Posts: 49
Joined: Thu Mar 17, 2022 7:16 am

Re: my traffic doesnt pass through open vpn

Sat Apr 09, 2022 9:24 am

Ah, yes, I need better glasses :)

But as the CHR is running somewhere in France, I didn't even think that the "in Iran the sites that sells VPS doesn't provide Pfsense" statement could be related to the hosting.
maybe is related to the hosting companies like OVH or... but pfsense have more options compared to CHR specially for OpenVPN

and i want to say Thank you for Help :)
Top
 
User avatar
own3r1138
Forum Veteran
Forum Veteran
Posts: 729
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:
Contact own3r1138

Re: my traffic doesnt pass through open vpn

Sun Apr 10, 2022 1:28 pm

and i want to say Thank you for Help :)
Dear Mehrdad,
As an Iranian to another, You should include the "Route" in the OpenVPN config file. Furthermore, you should open a ticket at the reseller website and ask them to mount your own ISO such as Pfsense. However, You should know that OpenVPN implemented in MT isn't good at least from my own experience. Move on to IKEv2 or WG and call it a day.
Code: Select all
route 0.0.0.0 0.0.0.0
redirect-gateway def1
Top
 
Mehrdadx
newbie
Topic Author
Posts: 49
Joined: Thu Mar 17, 2022 7:16 am

Re: my traffic doesnt pass through open vpn

Mon Apr 18, 2022 8:54 am

and i want to say Thank you for Help :)
Dear Mehrdad,
As an Iranian to another, You should include the "Route" in the OpenVPN config file. Furthermore, you should open a ticket at the reseller website and ask them to mount your own ISO such as Pfsense. However, You should know that OpenVPN implemented in MT isn't good at least from my own experience. Move on to IKEv2 or WG and call it a day.
Code: Select all
route 0.0.0.0 0.0.0.0
redirect-gateway def1
for now i am using PPTP on windows machines and WG on smartphones. WG is very good and stable but as a network engineer i will try your OVPN solution.
Thank you bro.
Top
Post Reply
  4. RouterOS
  5. General