You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello
I want to connect to the openVPN server, with Mikrotik router, but apparently Mikrotik doesn't support tls, please guide me how to disable tls-auth?
my server config :
root@Nuremberg:~# cat /etc/openvpn/server.conf
port 8585
proto tcp
dev tun
user nobody
group nogroup
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 185.12.64.2"
push "dhcp-option DNS 185.12.64.1"
push "redirect-gateway def1 bypass-dhcp"
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server_9Uuq3iAqlupYpVYm.crt
key server_9Uuq3iAqlupYpVYm.key
auth SHA256
cipher AES-128-GCM
ncp-ciphers AES-128-GCM
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
verb 3
Dec 11 16:13:29 Nuremberg ovpn-server[34959]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec 11 16:13:29 Nuremberg ovpn-server[34959]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 11 16:13:29 Nuremberg ovpn-server[34959]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec 11 16:13:29 Nuremberg ovpn-server[34959]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 11 16:13:29 Nuremberg ovpn-server[34959]: TCP connection established with [AF_INET]127.0.0.1:41640
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: 127.0.0.1:41640 TLS: Initial packet from [AF_INET]127.0.0.1:41640, sid=ee9250d6 608a4103
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: 127.0.0.1:41640 tls-crypt unwrap error: packet too short
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: 127.0.0.1:41640 TLS Error: tls-crypt unwrapping failed from [AF_INET]127.0.0.1:41640
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: 127.0.0.1:41640 Fatal TLS error (check_tls_errors_co), restarting
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: 127.0.0.1:41640 SIGUSR1[soft,tls-error] received, client-instance restarting
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: TCP connection established with [AF_INET]127.0.0.1:41656
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: 127.0.0.1:41656 TLS: Initial packet from [AF_INET]127.0.0.1:41656, sid=d9f0e18b 633932b6
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: 127.0.0.1:41656 tls-crypt unwrap error: packet too short
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: 127.0.0.1:41656 TLS Error: tls-crypt unwrapping failed from [AF_INET]127.0.0.1:41656
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: 127.0.0.1:41656 Fatal TLS error (check_tls_errors_co), restarting
Dec 11 16:13:30 Nuremberg ovpn-server[34959]: 127.0.0.1:41656 SIGUSR1[soft,tls-error] received, client-instance restarting
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: TCP connection established with [AF_INET]127.0.0.1:41668
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: 127.0.0.1:41668 TLS: Initial packet from [AF_INET]127.0.0.1:41668, sid=88e3691d 6436deb3
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: 127.0.0.1:41668 tls-crypt unwrap error: packet too short
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: 127.0.0.1:41668 TLS Error: tls-crypt unwrapping failed from [AF_INET]127.0.0.1:41668
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: 127.0.0.1:41668 Fatal TLS error (check_tls_errors_co), restarting
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: 127.0.0.1:41668 SIGUSR1[soft,tls-error] received, client-instance restarting
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 11 16:13:31 Nuremberg ovpn-server[34959]: TCP connection established with [AF_INET]127.0.0.1:41676
Dec 11 16:13:32 Nuremberg ovpn-server[34959]: 127.0.0.1:41676 TLS: Initial packet from [AF_INET]127.0.0.1:41676, sid=fabbed38 bf602507
Dec 11 16:13:32 Nuremberg ovpn-server[34959]: 127.0.0.1:41676 tls-crypt unwrap error: packet too short
Dec 11 16:13:32 Nuremberg ovpn-server[34959]: 127.0.0.1:41676 TLS Error: tls-crypt unwrapping failed from [AF_INET]127.0.0.1:41676
Dec 11 16:13:32 Nuremberg ovpn-server[34959]: 127.0.0.1:41676 Fatal TLS error (check_tls_errors_co), restarting
Dec 11 16:13:32 Nuremberg ovpn-server[34959]: 127.0.0.1:41676 SIGUSR1[soft,tls-error] received, client-instance restarting
Dec 11 16:13:33 Nuremberg ovpn-server[34959]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec 11 16:13:33 Nuremberg ovpn-server[34959]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 11 16:13:33 Nuremberg ovpn-server[34959]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec 11 16:13:33 Nuremberg ovpn-server[34959]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec 11 16:13:33 Nuremberg ovpn-server[34959]: TCP connection established with [AF_INET]127.0.0.1:35156
Dec 11 16:13:33 Nuremberg ovpn-server[34959]: 127.0.0.1:35156 TLS: Initial packet from [AF_INET]127.0.0.1:35156, sid=b2095afc 3adbb355
Dec 11 16:13:33 Nuremberg ovpn-server[34959]: 127.0.0.1:35156 tls-crypt unwrap error: packet too short
Dec 11 16:13:33 Nuremberg ovpn-server[34959]: 127.0.0.1:35156 TLS Error: tls-crypt unwrapping failed from [AF_INET]127.0.0.1:35156
Dec 11 16:13:33 Nuremberg ovpn-server[34959]: 127.0.0.1:35156 Fatal TLS error (check_tls_errors_co), restarting
Dec 11 16:13:33 Nuremberg ovpn-server[34959]: 127.0.0.1:35156 SIGUSR1[soft,tls-error] received, client-instance restarting
*** NOTE : I have a stunnel4 for proxy between server and client, The proxy works correctly and I can connect to the server without any problems on all devices, but there is this problem for the Mikrotik router.
The text was updated successfully, but these errors were encountered:
Hello
I want to connect to the openVPN server, with Mikrotik router, but apparently Mikrotik doesn't support tls, please guide me how to disable tls-auth?
my server config :
my client config :
my server log :
*** NOTE : I have a stunnel4 for proxy between server and client, The proxy works correctly and I can connect to the server without any problems on all devices, but there is this problem for the Mikrotik router.
The text was updated successfully, but these errors were encountered: