MikroTik

Hi,
there is a "disconnected <unkown cipher alg or key size>" error when I try to connect ovpn server with android client.
it looks like this topic but not same viewtopic.php?t=21087
any idea how to fix it? btw, is "unkown" means "unknown"?

It's probably possible that client uses something more modern by default, so check OpenVPN manual how to specify algorithms in client config, and add what RouterOS uses.

It's probably possible that client uses something more modern by default, so check OpenVPN manual how to specify algorithms in client config, and add what RouterOS uses.

I believe it's mikrotik's ssl problem

Anything is possible, but just believing that RouterOS is broken (clearly not that much, otherwise you wouldn't be the only one to notice) won't help you to fix the problem. My suggestion could, no guarantees of course, but there's a chance.

I just was struggling around with the same issue, reading in this forum and didn't found any solution.

After reading the log of the OpenVPN-Android Client more carefully, I found a solution, that I tested working on newest RouterOS (7.6) and latest Android OpenVPN Client (0.7.43) and I want to share it with others that are looking for the same.

In RouterOS in the OVPN-Server settings activate "sha1" in the "Auth" section and encryption "aes 256" in the "Cypher" section.
Like Sob suggested already, OpenVPN-Client is suppressing weak or bad/old cypher in the background. Resulting in client and server will not find a common encryption to use.

So you have to explicitly name it in OpenVPN-Client configuration:
Under basic tap you can leave compat mode to "Modern Defaults"
Under authentification/encryption tab name "AES-256-CBC" at Encryption ciphers and "SHA-1" at Packet authentification.

Now suppress fallback to other cipher:
In the advanced tab click "Enable Custom Options"
Add the Custom Options add "data-ciphers-fallback AES-256-CBC" and click ok.

With this settings you should now by able to connect the android client with RouterOS OVPN-Server.

I just was struggling around with the same issue, reading in this forum and didn't found any solution.

After reading the log of the OpenVPN-Android Client more carefully, I found a solution, that I tested working on newest RouterOS (7.6) and latest Android OpenVPN Client (0.7.43) and I want to share it with others that are looking for the same.

I just wished, I had found your post earlier... about four hours earlier
Thanks a lot, that worked!