OpenVPN between Mikrotik (server) and AX1800 (client)?

Has anyone ever been able to do a VPN between a Mikrotik acting as an OpenVPN server and a GL-Inet AX1800 acting as the client?

I finally sorted out the certificate file and now that part seems ok but I am still getting errors from both side.

Mikrotik seems to complain about an unsupported auth digest (it’s set to sha1) and duplicate packet.

The GL-Inet complains about a connection reset.

It does seems like it’s the Mikrotik that is acting up but I was just wondering if I am trying to setup something that just doesn’t work or if anyone is using this somewhere.

I finally managed to get it to work. Mikrotil use “aes-128” as a cipher which translate to “aes-128-cbc” in openvpn configuration file.

Now, VPN works and I can communicate both way, but by IP only. DNS from the GL.iNet router doesn’t work. I am able to do DNS request directly to the DNS server of the ISP or those assigned by the VPN to the GL.iNet router, but the router itself is unable to do any query when connected to the VPN.

To clarify, are you referring to that the MikroTik router OpenVPN server is not giving out DNS server IP addresses to the AX1800 client router? If so, you may have to add “dhcp-option DNS” to the client config file or have the server “push dhcp-option DNS”.

I do not work for and I do not have formal association with GL.iNet

Thanks for your reply. After much try, I realized that I had made a mistake in my firewall rules on the mikrotik site. I was allowing all the subnet from the gl.inet site to go through the VPN and reach my DNS server but I wasn’t allowing the router itself (which use its IP allocated to the VPN segment, not the internal IP behind the gl.inet) to reach the DNS servers. After allowing that IP, it started to work.

1 Like