Server: ER605
Client: HEX-S
The problem:
The setup on the ER605 is quite simple and straightforward:After that, it creates a certificate file for the clients. An example:
So far simple. BUT, on the mikrotik client, after loading the file in the storage, loading the certificate, all good.I believed that was it, since I am able to connect, BUT for some odd reason, the routing has issues.
When I connect, the following route shows unreachable.From the TP-Link manual, the ER605 SHOULD be able to ping the Mikrotik, and viceversa. But, they can't. And I cannot understand why. The firewall is pretty stock and do not have weird rules that can block traffic. I torch the interface and I see the traffic going but not being responded.
If I ping from the ER605, I get the same result, no response. Right now, I do not know WHO is at fault, is it the ER605 no routing correctly? or the HEX-S? And why? And how to correct the issue?
Client: HEX-S
The problem:
The setup on the ER605 is quite simple and straightforward:After that, it creates a certificate file for the clients. An example:
Code:
clientdev tunproto tcpfloatnobindcipher AES-128-CBCcomp-lzo noresolv-retry infiniteremote-cert-tls serverpersist-keyauth-user-passremote "wanip" 1194<ca>-----BEGIN CERTIFICATE-----Redacted stuff-----END CERTIFICATE-----</ca><cert>-----BEGIN CERTIFICATE-----Redacted stuff-----END CERTIFICATE-----</cert><key>-----BEGIN PRIVATE KEY-----Redacted stuff-----END PRIVATE KEY-----</key>When I connect, the following route shows unreachable.From the TP-Link manual, the ER605 SHOULD be able to ping the Mikrotik, and viceversa. But, they can't. And I cannot understand why. The firewall is pretty stock and do not have weird rules that can block traffic. I torch the interface and I see the traffic going but not being responded.
If I ping from the ER605, I get the same result, no response. Right now, I do not know WHO is at fault, is it the ER605 no routing correctly? or the HEX-S? And why? And how to correct the issue?
Statistics: Posted by mikrodoog — Sat Feb 24, 2024 3:32 am