Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

OVNP Connection reset, restarting [0] - Client stays on Connecting

Post Reply
 
ma3xDFS
just joined
Topic Author
Posts: 2
Joined: Sat Nov 02, 2019 5:49 pm

OVNP Connection reset, restarting [0] - Client stays on Connecting

Sat Nov 02, 2019 6:16 pm

Hello everyone,

Strange policy for new comers you have here. Straight to the topic, as this is the 2nd time I am posting the same information.
I am trying to configure the VPN of RB962UiGS-5HacT2HnT w/ RouterOS v6.45.7.

Below is the CLIENT.OVPN file:
Code: Select all
client
dev tun
proto tcp-client
remote WAN_IP 1194
resolv-retry infinite
nobind
persist-key
persist-tun
;mute-replay-warnings
ca ca.crt
cert client.crt
key client.key
tls-client
remote-cert-tls server
cipher AES-256-CBC
;comp-lzo
verb 5
;mute 20
auth SHA1
--auth-user-pass secret.txt
auth-nocache
;redirect-gateway autolocal
;route 10.0.0.0 255.255.255.0
;route 192.168.88.0 255.255.255.0
Upon trying to establish connection between the Client and the Server, everything works as it is supposed except for the TCP/UDP reset connection in the very end :
Code: Select all
OpenVPN 2.4.7 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 25 2019
Windows version 6.2 (Windows 8 or greater) 64bit
library versions: OpenSSL 1.1.0j  20 Nov 2018, LZO 2.10
Enter Management Password:
MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Need hold release from management interface, waiting...
MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
MANAGEMENT: CMD 'state on'
MANAGEMENT: CMD 'log all on'
MANAGEMENT: CMD 'echo all on'
MANAGEMENT: CMD 'bytecount 5'
MANAGEMENT: CMD 'hold off'
MANAGEMENT: CMD 'hold release'
MANAGEMENT: CMD 'password [...]'
Control Channel MTU parms [ L:1623 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Data Channel MTU parms [ L:1623 D:1450 EF:123 EB:406 ET:0 EL:3 ]
Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
TCP/UDP: Preserving recently used remote address: [AF_INET]{WAN_IP}:1194
Socket Buffers: R=[65536->65536] S=[65536->65536]
Attempting to establish TCP connection with [AF_INET]{WAN_IP}:1194 [nonblock]
MANAGEMENT: >STATE:1572709927,TCP_CONNECT,,,,,,
TCP connection established with [AF_INET]{WAN_IP}:1194
TCP_CLIENT link local: (not bound)
TCP_CLIENT link remote: [AF_INET]{WAN_IP}:1194
MANAGEMENT: >STATE:1572709928,WAIT,,,,,,
MANAGEMENT: >STATE:1572709928,AUTH,,,,,,
TLS: Initial packet from [AF_INET]{WAN_IP}:1194, sid=1eaf9cba 73416e2e
VERIFY OK: depth=1, C=US, ST=New York, L=New York, O=Ltd., OU=SecDef, CN=CA
VERIFY KU OK
Validating certificate extended key usage
++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
VERIFY EKU OK
VERIFY OK: depth=0, C=US, ST=New York, L=New York, O=Ltd., OU=SecDef, CN=VPN
Connection reset, restarting [0]
TCP/UDP: Closing socket
SIGUSR1[soft,connection-reset] received, process restarting
MANAGEMENT: >STATE:1572709929,RECONNECTING,connection-reset,,,,,
Restart pause, 5 second(s)
Re-using SSL/TLS context
Control Channel MTU parms [ L:1623 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Data Channel MTU parms [ L:1623 D:1450 EF:123 EB:406 ET:0 EL:3 ]
Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
TCP/UDP: Preserving recently used remote address: [AF_INET]{WAN_IP}:1194
Socket Buffers: R=[65536->65536] S=[65536->65536]
Attempting to establish TCP connection with [AF_INET]{WAN_IP}:1194 [nonblock]
MANAGEMENT: >STATE:1572709934,TCP_CONNECT,,,,,,
TCP connection established with [AF_INET]{WAN_IP}:1194
TCP_CLIENT link local: (not bound)
TCP_CLIENT link remote: [AF_INET]{WAN_IP}:1194
MANAGEMENT: >STATE:1572709935,WAIT,,,,,,
MANAGEMENT: >STATE:1572709935,AUTH,,,,,,
TLS: Initial packet from [AF_INET]{WAN_IP}:1194, sid=0c5bded4 ec5a841b
VERIFY OK: depth=1, C=US, ST=New York, L=New York, O=Ltd., OU=SecDef, CN=CA
VERIFY KU OK
Validating certificate extended key usage
++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
VERIFY EKU OK
VERIFY OK: depth=0, C=US, ST=New York, L=New York, O=Ltd., OU=SecDef, CN=VPN
Connection reset, restarting [0]
TCP/UDP: Closing socket
SIGUSR1[soft,connection-reset] received, process restarting
MANAGEMENT: >STATE:1572709937,RECONNECTING,connection-reset,,,,,
Restart pause, 5 second(s)
SIGTERM[hard,init_instance] received, process exiting
MANAGEMENT: >STATE:1572709941,EXITING,init_instance,,,,,
WRWRWRRWRWRWRWRRWRWRWRWRRWRWRWRWRRWR
The configuration files comes from OpenVPN running previously on a Windows Server. I am not sure where the restrictions come from that's why I am submitting this. I have followed an YouTube video in order to properly configure the Mikrotik device (won't share the URL now as I suppose this was the reason I had my 1st post not confirmed by the Moderators team).

BR,
T.
Last edited by ma3xDFS on Mon Nov 04, 2019 6:04 pm, edited 2 times in total.
Top
 
wfalcon
just joined
Posts: 24
Joined: Thu Mar 23, 2017 3:03 pm

Re: OVNP Connection reset, restarting [0] - Client stays on Connecting

Mon Nov 04, 2019 11:57 am

this should definitely help
Top
 
ma3xDFS
just joined
Topic Author
Posts: 2
Joined: Sat Nov 02, 2019 5:49 pm

Re: OVNP Connection reset, restarting [0] - Client stays on Connecting

Mon Nov 04, 2019 6:15 pm

Well, checked the URL you have left me. Thank you. Did not see anything different in the configuration files I have and what the others were discussing.

This is the Terminal output when I logged in:
ovpn,debug,error,,,,,,,,,l2tp,info,,debug,,,critical,,,,,,,,,,,,,warning duplicate packet, dropping

What was offered when I have tried searching for in here is inapplicable - tried it already as the first time I have tried running the OVPN on the Mikrotik I have had all certificates and configuration files imported. The above was the client's console error I received back then and now. Then started over and ended up here discussing the misconfiguration, as it is obviously misconfigured.

BR,
T.
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 10 guests
  4. RouterOS
  5. Beginner Basics