Page 1 of 1
my traffic doesnt pass through open vpn
Posted: Thu Mar 17, 2022 12:02 pm
by Mehrdadx
Hi guys
i live in iran and here we need to use vpn to reach free internet, so i bought a mikrotik server in france and configured it for Open VPN.
but i have a problem: i can connect to server (windows and android) but i cant open censored websites, in fact my ip wont change to vpn server's IP and seems my traffic is not going through vpn tunnel.
i config my mikrotik server with this video
https://www.youtube.com/watch?v=WzApPcz ... =techieLAB
my client config file:
client
dev tun
proto udp-client
remote x.x.230.10 port 1993
persist-key
persist-tun
nobind
tls-client
remote-cert-tls server
ca ca.crt
cert client.crt
key client.key
redirect-gateway def1
verb 4
mute 10
cipher AES-128-CBC
auth SHA1
auth-user-pass secret
auth-nocache
what i must do ?
Re: my traffic doesnt pass through open vpn
Posted: Fri Mar 18, 2022 9:04 am
by Mehrdadx
how can i enable "Push redirect-gateway def1" command in mikrotik ?
Re: my traffic doesnt pass through open vpn
Posted: Thu Apr 07, 2022 1:11 pm
by Mehrdadx
hello again
no any solution ?
Re: my traffic doesnt pass through open vpn [SOLVED]
Posted: Thu Apr 07, 2022 5:11 pm
by sindy
RouterOS does not support pushing routes in OpenVPN. You have to configure the route manually - after the client connects, run
route add 0.0.0.0 MASK 0.0.0.0 ip.of.the.gw from command line. You may have to add a route to your Mikrotik in France and remove the existing default route.
Re: my traffic doesnt pass through open vpn
Posted: Thu Apr 07, 2022 9:51 pm
by Mehrdadx
RouterOS does not support pushing routes in OpenVPN. You have to configure the route manually - after the client connects, run
route add 0.0.0.0 MASK 0.0.0.0 ip.of.the.gw from command line. You may have to add a route to your Mikrotik in France and remove the existing default route.
so bad
problem is we cant do it on phones
Re: my traffic doesnt pass through open vpn
Posted: Thu Apr 07, 2022 10:15 pm
by sindy
You can try Wireguard instead of OpenVPN, or you can run a linux VM instead of CHR in France.
But I've just tried the "OpenVPN for Android" application - it allows to configure routing of everything via the tunnel no matter whether the server pushes a route list. In fact, it is even the default setting.
Re: my traffic doesnt pass through open vpn
Posted: Fri Apr 08, 2022 8:48 pm
by Mehrdadx
You can try Wireguard instead of OpenVPN, or you can run a linux VM instead of CHR in France.
But I've just tried the "OpenVPN for Android" application - it allows to configure routing of everything via the tunnel no matter whether the server pushes a route list. In fact, it is even the default setting.
i am trying wiregaurd too, yea wireguard is very better. configuring linux is too hard, i prefer mikrotik CHR. however i know there is a better solution: Pfsense but again there is a problem with pfsense, in Iran the sites that sells VPS doesn't provide Pfsense.
Re: my traffic doesnt pass through open vpn
Posted: Fri Apr 08, 2022 9:28 pm
by sindy
I'm not sure I get the point with pfSense - to my understanding, it is an operating system like RouterOS, not a VPN protocol like OpenVPN or Wireguard. So installing a virtual pfSense instead of CHR and configuring OpenVPN on it might be easier than using a general purpose Linux distribution. And I am totally lost regarding sites selling VPNs - how is that related to your case where you operate a VPN server yourself?
Re: my traffic doesnt pass through open vpn
Posted: Fri Apr 08, 2022 11:43 pm
by tangent
I am totally lost regarding sites selling VPNs
“VPS,” not VPN: Virtual Private Server, a la Digital Ocean, Linode, Rackspace… A type of VM specialized for single-instance hosting, as contrasted with 1990s style shared hosting or all this new-fangled cloud stuff.
A VPS gives you a choice of host OS, potentially including pfSense, CHR, your Linux distribution of choice, etc…
Re: my traffic doesnt pass through open vpn
Posted: Fri Apr 08, 2022 11:50 pm
by sindy
Ah, yes, I need better glasses
But as the CHR is running somewhere in France, I didn't even think that the "in Iran the sites that sells VPS doesn't provide Pfsense" statement could be related to the hosting.
Re: my traffic doesnt pass through open vpn
Posted: Sat Apr 09, 2022 9:24 am
by Mehrdadx
Ah, yes, I need better glasses
But as the CHR is running somewhere in France, I didn't even think that the "in Iran the sites that sells VPS doesn't provide Pfsense" statement could be related to the hosting.
maybe is related to the hosting companies like OVH or... but pfsense have more options compared to CHR specially for OpenVPN
and i want to say Thank you for Help
Re: my traffic doesnt pass through open vpn
Posted: Sun Apr 10, 2022 1:28 pm
by own3r1138
and i want to say Thank you for Help
Dear Mehrdad,
As an Iranian to another, You should include the "Route" in the OpenVPN config file. Furthermore, you should open a ticket at the reseller website and ask them to mount your own ISO such as Pfsense. However, You should know that OpenVPN implemented in MT isn't good at least from my own experience. Move on to IKEv2 or WG and call it a day.
route 0.0.0.0 0.0.0.0
redirect-gateway def1
Re: my traffic doesnt pass through open vpn
Posted: Mon Apr 18, 2022 8:54 am
by Mehrdadx
and i want to say Thank you for Help
Dear Mehrdad,
As an Iranian to another, You should include the "Route" in the OpenVPN config file. Furthermore, you should open a ticket at the reseller website and ask them to mount your own ISO such as Pfsense. However, You should know that OpenVPN implemented in MT isn't good at least from my own experience. Move on to IKEv2 or WG and call it a day.
route 0.0.0.0 0.0.0.0
redirect-gateway def1
for now i am using PPTP on windows machines and WG on smartphones. WG is very good and stable but as a network engineer i will try your OVPN solution.
Thank you bro.