I have some questions regarding VPN setup
I have a Mikrotik CC1009 which acts as VPN server for OpenVPN.
This setup is made after this guide: https://rbgeek.wordpress.com/2014/09/10 ... -routeros/
which works perfectly with road warrior clients.
But I have some PLCs which I would like to connect to the Mikrotik server, but this setup does not use an auth file.
Is it possible to have 2 different options for logging a new client in, without the user passwd?
Hope you can help with this problem.
My client configuration:
The differences are that it is running UDP and has no auth.cfg file.
Code:
client
dev tun
proto udp
remote 78.XXX.XXX.XX 1194
resolv-retry infinite
nobind
# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nogroup
persist-key
persist-tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/wago.crt
key /etc/openvpn/keys/wago.key
ns-cert-type server
comp-lzo
cipher BF-CBC # Blowfish
status /etc/openvpn/openvpn-status.log
# Set log file verbosity.
verb 4
On the VPN client I'm getting this:
Code:
Tue May 16 09:49:57 2017 us=705310 Restart pause, 2 second(s)
Tue May 16 09:49:59 2017 us=706616 Re-using SSL/TLS context
Tue May 16 09:49:59 2017 us=706893 LZO compression initialized
Tue May 16 09:49:59 2017 us=709232 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:3 ]
Tue May 16 09:49:59 2017 us=709786 Socket Buffers: R=[163840->131072] S=[163840->131072]
Tue May 16 09:49:59 2017 us=709940 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Tue May 16 09:49:59 2017 us=710124 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue May 16 09:49:59 2017 us=710217 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue May 16 09:49:59 2017 us=711601 Local Options hash (VER=V4): '41690919'
Tue May 16 09:49:59 2017 us=713848 Expected Remote Options hash (VER=V4): '530fdded'
Tue May 16 09:49:59 2017 us=715017 UDPv4 link local: [undef]
Tue May 16 09:49:59 2017 us=716986 UDPv4 link remote: [AF_INET]78.XX.XX.XX:1194
Tue May 16 09:50:59 2017 us=230679 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue May 16 09:50:59 2017 us=231941 TLS Error: TLS handshake failed
Tue May 16 09:50:59 2017 us=234556 TCP/UDP: Closing socket
Tue May 16 09:50:59 2017 us=236680 SIGUSR1[soft,tls-error] received, process restarting
Tue May 16 09:50:59 2017 us=237972 Restart pause, 2 second(s)
Tue May 16 09:51:01 2017 us=239032 Re-using SSL/TLS context
Tue May 16 09:51:01 2017 us=239309 LZO compression initialized
Tue May 16 09:51:01 2017 us=241125 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:3 ]
Tue May 16 09:51:01 2017 us=243002 Socket Buffers: R=[163840->131072] S=[163840->131072]
Tue May 16 09:51:01 2017 us=244048 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Tue May 16 09:51:01 2017 us=245586 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue May 16 09:51:01 2017 us=246633 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue May 16 09:51:01 2017 us=247002 Local Options hash (VER=V4): '41690919'
Tue May 16 09:51:01 2017 us=248233 Expected Remote Options hash (VER=V4): '530fdded'
Tue May 16 09:51:01 2017 us=249710 UDPv4 link local: [undef]
Tue May 16 09:51:01 2017 us=252202 UDPv4 link remote: [AF_INET]78.XX.XX.XX:1194