N
N
Nikita Melikhov2015-12-07 09:14:01
openvpn
Nikita Melikhov, 2015-12-07 09:14:01

Is it possible to set up a yf Windows Openvpn client without certificates?

Hello.
Such a task is to configure openvpn to our router from one computer so that it can be seen from our network. On that computer, everything is blocked, access is only through a proxy. I made a redirect to port 22 on my router, tried 80, 443, still does not connect. The connection goes through a proxy and rejects the certificate.
Can this be bypassed somehow?
As an option, to either connect from Windows to Windows without a certificate, or from Windows to Mikrotik without a certificate, or some other options?
I am attaching the connection log.

Fri Nov 27 16:40:14 2015 MANAGEMENT: CMD 'proxy HTTP --------------------- 8080'
Fri Nov 27 16:40:15 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Fri Nov 27 16:40:15 2015 MANAGEMENT: >STATE:1448631615,RESOLVE,,,
Fri Nov 27 16:40:15 2015 Attempting to establish TCP connection with [AF_INET]-------------------:8080
Fri Nov 27 16:40:15 2015 MANAGEMENT: >STATE:1448631615,TCP_CONNECT,,,
Fri Nov 27 16:40:15 2015 TCP connection established with [AF_INET]---------------:8080
Fri Nov 27 16:40:15 2015 Send to HTTP proxy: 'CONNECT ------------------:22 HTTP/1.0'
Fri Nov 27 16:40:15 2015 HTTP proxy returned: 'HTTP/1.0 200 Connection Established'
Fri Nov 27 16:40:15 2015 TCPv4_CLIENT link local: [undef]
Fri Nov 27 16:40:15 2015 TCPv4_CLIENT link remote: [AF_INET]-----------:8080
Fri Nov 27 16:40:15 2015 MANAGEMENT: >STATE:1448631615,WAIT,,,
Fri Nov 27 16:40:15 2015 MANAGEMENT: >STATE:1448631615,AUTH,,,
Fri Nov 27 16:40:15 2015 TLS: Initial packet from [AF_INET]----------------:8080, sid=b54bc2ec 8829d79f
Fri Nov 27 16:40:15 2015 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=RU, ST=KR, L=Kislovodsk, O=KomAvt, OU=oVPN, CN=server, name=server, emailAddress=----------------
Fri Nov 27 16:40:15 2015 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Fri Nov 27 16:40:15 2015 TLS Error: TLS object -> incoming plaintext read error
Fri Nov 27 16:40:15 2015 TLS Error: TLS handshake failed
Fri Nov 27 16:40:15 2015 Fatal TLS error (check_tls_errors_co), restarting
Fri Nov 27 16:40:15 2015 SIGUSR1[soft,tls-error] received, process restarting
Fri Nov 27 16:40:15 2015 MANAGEMENT: >STATE:1448631615,RECONNECTING,tls-error,,
Fri Nov 27 16:40:15 2015 Restart pause, 5 second(s)

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Y
younghacker, 2015-12-17
@younghacker

  1. Disabling certificates is a bad idea.
    What is said below is probably not relevant to the case. Just as a note.
    I don’t know how the situation looks now, but earlier Mikrotik with OpenVPN had limitations. UDP was not supported and in my opinion it is impossible to use ta keys. Since then, I have only used flashed Mikrotiks.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question