openvpn

Hola compañeros estoy intentando crear un server openvpn en mi router Mikrotik , mi pc con windows no me conecta os pongo mi config a ver si me podeis ayudar gracias.

config del router:

´´# jan/02/1970 17:04:41 by RouterOS 7.6
# software id = TIT7-8GE1
#
# model = RB750Gr3
# serial number = xxxxxxxxxxxxxxxx
/interface bridge
add name=bridge-ISP
/interface ethernet
set [ find default-name=ether1 ] comment=WAN
set [ find default-name=ether2 ] comment=LAN
set [ find default-name=ether3 ] comment=LAN
set [ find default-name=ether4 ] comment=LAN
set [ find default-name=ether5 ] comment=LAN
/interface ovpn-client
add cipher=aes256 connect-to=tecnisonvigi.dyndns.org mac-address=\
02:53:42:A2:49:A0 name=ovpn-out1 port=xxxx user=xxxx
/interface vlan
add interface=ether1 name=vlan6 vlan-id=6
/interface pppoe-client
add add-default-route=yes disabled=no interface=vlan6 keepalive-timeout=60 \
name=pppoe-out1 user=adslppp@telefonicanetpa
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool1 ranges=192.168.100.2-192.168.100.254
add name=VPNs ranges=172.16.200.0/24
/ip dhcp-server
add address-pool=dhcp_pool1 interface=bridge-ISP name=dhcp1
/port
set 0 name=serial0
/ppp profile
add local-address=172.16.200.1 name=OPENVPN only-one=yes remote-address=VPNs \
use-encryption=required
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no name=default-v2
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
/interface bridge port
add bridge=bridge-ISP ingress-filtering=no interface=ether2
add bridge=bridge-ISP ingress-filtering=no interface=ether3
add bridge=bridge-ISP ingress-filtering=no interface=ether4
add bridge=bridge-ISP ingress-filtering=no interface=ether5
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface ovpn-server server
set auth=sha1 certificate=*5 cipher=aes256 default-profile=OPENVPN enabled=\
yes port=xxxx require-client-certificate=yes
/ip address
add address=192.168.100.1/24 interface=bridge-ISP network=192.168.100.0
/ip cloud
set update-time=no
/ip cloud advanced
set use-local-address=yes
/ip dhcp-server network
add address=192.168.100.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.100.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4,80.58.61.250
/ip dns static
add address=192.168.100.15 name=tecnisonvigi.dyndnds.org
/ip firewall filter
add action=accept chain=input comment="====openVpn====" port=xxxx protocol=\
tcp
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1
add action=dst-nat chain=dstnat comment="===Port cam RTSP===" dst-port=554 \
protocol=tcp to-addresses=192.168.100.15 to-ports=554
add action=masquerade chain=srcnat comment="HAIRPIN NAT-NAT LOOPBACK" \
dst-address=192.168.100.15 dst-address-type=local dst-port=554 \
out-interface=bridge-ISP protocol=tcp src-address=192.168.100.0/24 \
src-address-type="" to-addresses=192.168.100.15
/ip route
add disabled=no dst-address=172.16.200.0/24 gateway=ovpn-out1
/ppp secret
add name=Mipc profile=OPENVPN service=ovpn
/system clock
set time-zone-name=Europe/Madrid
/system package update
set channel=testing ´´

***********************************************************LOG PC WINDOWS***********************************************************************




2022-12-12 11:56:04 us=765000 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). OpenVPN ignores --cipher for cipher negotiations.
2022-12-12 11:56:04 us=765000 Current Parameter Settings:
2022-12-12 11:56:04 us=765000 config = 'ServerOvpn.ovpn'
2022-12-12 11:56:04 us=765000 mode = 0
2022-12-12 11:56:04 us=765000 show_ciphers = DISABLED
2022-12-12 11:56:04 us=765000 show_digests = DISABLED
2022-12-12 11:56:04 us=765000 show_engines = DISABLED
2022-12-12 11:56:04 us=765000 genkey = DISABLED
2022-12-12 11:56:04 us=765000 genkey_filename = '[UNDEF]'
2022-12-12 11:56:04 us=765000 key_pass_file = '[UNDEF]'
2022-12-12 11:56:04 us=765000 show_tls_ciphers = DISABLED
2022-12-12 11:56:04 us=765000 connect_retry_max = 0
2022-12-12 11:56:04 us=765000 Connection profiles [0]:
2022-12-12 11:56:04 us=765000 proto = tcp-client
2022-12-12 11:56:04 us=765000 local = '[UNDEF]'
2022-12-12 11:56:04 us=765000 local_port = '[UNDEF]'
2022-12-12 11:56:04 us=765000 remote = 'tecnisonvigi.dyndns.org'
2022-12-12 11:56:04 us=765000 remote_port = '1970'
2022-12-12 11:56:04 us=765000 remote_float = DISABLED
2022-12-12 11:56:04 us=765000 bind_defined = DISABLED
2022-12-12 11:56:04 us=765000 bind_local = DISABLED
2022-12-12 11:56:04 us=765000 bind_ipv6_only = DISABLED
2022-12-12 11:56:04 us=765000 connect_retry_seconds = 5
2022-12-12 11:56:04 us=765000 connect_timeout = 120
2022-12-12 11:56:04 us=765000 socks_proxy_server = '[UNDEF]'
2022-12-12 11:56:04 us=765000 socks_proxy_port = '[UNDEF]'
2022-12-12 11:56:04 us=765000 tun_mtu = 1500
2022-12-12 11:56:04 us=765000 tun_mtu_defined = ENABLED
2022-12-12 11:56:04 us=765000 link_mtu = 1500
2022-12-12 11:56:04 us=765000 link_mtu_defined = DISABLED
2022-12-12 11:56:04 us=765000 tun_mtu_extra = 0
2022-12-12 11:56:04 us=765000 tun_mtu_extra_defined = DISABLED
2022-12-12 11:56:04 us=765000 tls_mtu = 1250
2022-12-12 11:56:04 us=765000 mtu_discover_type = -1
2022-12-12 11:56:04 us=765000 fragment = 0
2022-12-12 11:56:04 us=765000 mssfix = 1492
2022-12-12 11:56:04 us=765000 mssfix_encap = ENABLED
2022-12-12 11:56:04 us=765000 mssfix_fixed = DISABLED
2022-12-12 11:56:04 us=765000 explicit_exit_notification = 0
2022-12-12 11:56:04 us=765000 tls_auth_file = '[UNDEF]'
2022-12-12 11:56:04 us=765000 key_direction = not set
2022-12-12 11:56:04 us=765000 tls_crypt_file = '[UNDEF]'
2022-12-12 11:56:04 us=765000 tls_crypt_v2_file = '[UNDEF]'
2022-12-12 11:56:04 us=765000 Connection profiles END
2022-12-12 11:56:04 us=765000 remote_random = DISABLED
2022-12-12 11:56:04 us=765000 ipchange = '[UNDEF]'
2022-12-12 11:56:04 us=765000 dev = 'tun'
2022-12-12 11:56:04 us=765000 dev_type = '[UNDEF]'
2022-12-12 11:56:04 us=765000 dev_node = '[UNDEF]'
2022-12-12 11:56:04 us=765000 tuntap_options.disable_dco = DISABLED
2022-12-12 11:56:04 us=765000 lladdr = '[UNDEF]'
2022-12-12 11:56:04 us=765000 topology = 1
2022-12-12 11:56:04 us=765000 ifconfig_local = '[UNDEF]'
2022-12-12 11:56:04 us=765000 ifconfig_remote_netmask = '[UNDEF]'
2022-12-12 11:56:04 us=765000 ifconfig_noexec = DISABLED
2022-12-12 11:56:04 us=765000 ifconfig_nowarn = DISABLED
2022-12-12 11:56:04 us=765000 ifconfig_ipv6_local = '[UNDEF]'
2022-12-12 11:56:04 us=765000 ifconfig_ipv6_netbits = 0
2022-12-12 11:56:04 us=765000 ifconfig_ipv6_remote = '[UNDEF]'
2022-12-12 11:56:04 us=765000 shaper = 0
2022-12-12 11:56:04 us=765000 mtu_test = 0
2022-12-12 11:56:04 us=765000 mlock = DISABLED
2022-12-12 11:56:04 us=765000 keepalive_ping = 0
2022-12-12 11:56:04 us=765000 keepalive_timeout = 0
2022-12-12 11:56:04 us=765000 inactivity_timeout = 0
2022-12-12 11:56:04 us=765000 session_timeout = 0
2022-12-12 11:56:04 us=765000 inactivity_minimum_bytes = 0
2022-12-12 11:56:04 us=765000 ping_send_timeout = 0
2022-12-12 11:56:04 us=765000 ping_rec_timeout = 0
2022-12-12 11:56:04 us=765000 ping_rec_timeout_action = 0
2022-12-12 11:56:04 us=765000 ping_timer_remote = DISABLED
2022-12-12 11:56:04 us=765000 remap_sigusr1 = 0
2022-12-12 11:56:04 us=765000 persist_tun = ENABLED
2022-12-12 11:56:04 us=765000 persist_local_ip = DISABLED
2022-12-12 11:56:04 us=765000 persist_remote_ip = DISABLED
2022-12-12 11:56:04 us=765000 persist_key = ENABLED
2022-12-12 11:56:04 us=765000 passtos = DISABLED
2022-12-12 11:56:04 us=765000 resolve_retry_seconds = 1000000000
2022-12-12 11:56:04 us=765000 resolve_in_advance = DISABLED
2022-12-12 11:56:04 us=765000 username = '[UNDEF]'
2022-12-12 11:56:04 us=765000 groupname = '[UNDEF]'
2022-12-12 11:56:04 us=765000 chroot_dir = '[UNDEF]'
2022-12-12 11:56:04 us=765000 cd_dir = '[UNDEF]'
2022-12-12 11:56:04 us=765000 writepid = '[UNDEF]'
2022-12-12 11:56:04 us=765000 up_script = '[UNDEF]'
2022-12-12 11:56:04 us=765000 down_script = '[UNDEF]'
2022-12-12 11:56:04 us=765000 down_pre = DISABLED
2022-12-12 11:56:04 us=765000 up_restart = DISABLED
2022-12-12 11:56:04 us=765000 up_delay = DISABLED
2022-12-12 11:56:04 us=765000 daemon = DISABLED
2022-12-12 11:56:04 us=765000 log = ENABLED
2022-12-12 11:56:04 us=765000 suppress_timestamps = DISABLED
2022-12-12 11:56:04 us=765000 machine_readable_output = DISABLED
2022-12-12 11:56:04 us=765000 nice = 0
2022-12-12 11:56:04 us=765000 verbosity = 4
2022-12-12 11:56:04 us=765000 mute = 0
2022-12-12 11:56:04 us=765000 status_file = '[UNDEF]'
2022-12-12 11:56:04 us=765000 status_file_version = 1
2022-12-12 11:56:04 us=765000 status_file_update_freq = 60
2022-12-12 11:56:04 us=765000 occ = ENABLED
2022-12-12 11:56:04 us=765000 rcvbuf = 0
2022-12-12 11:56:04 us=765000 sndbuf = 0
2022-12-12 11:56:04 us=765000 sockflags = 0
2022-12-12 11:56:04 us=765000 fast_io = DISABLED
2022-12-12 11:56:04 us=765000 comp.alg = 0
2022-12-12 11:56:04 us=765000 comp.flags = 24
2022-12-12 11:56:04 us=765000 route_script = '[UNDEF]'
2022-12-12 11:56:04 us=765000 route_default_gateway = '[UNDEF]'
2022-12-12 11:56:04 us=765000 route_default_metric = 0
2022-12-12 11:56:04 us=765000 route_noexec = DISABLED
2022-12-12 11:56:04 us=765000 route_delay = 0
2022-12-12 11:56:04 us=765000 route_delay_window = 30
2022-12-12 11:56:04 us=765000 route_delay_defined = DISABLED
2022-12-12 11:56:04 us=765000 route_nopull = DISABLED
2022-12-12 11:56:04 us=765000 route_gateway_via_dhcp = DISABLED
2022-12-12 11:56:04 us=765000 allow_pull_fqdn = DISABLED
2022-12-12 11:56:04 us=765000 Pull filters:
2022-12-12 11:56:04 us=765000 ignore "route-method"
2022-12-12 11:56:04 us=765000 management_addr = '127.0.0.1'
2022-12-12 11:56:04 us=765000 management_port = '25340'
2022-12-12 11:56:04 us=765000 management_user_pass = 'stdin'
2022-12-12 11:56:04 us=765000 management_log_history_cache = 250
2022-12-12 11:56:04 us=765000 management_echo_buffer_size = 100
2022-12-12 11:56:04 us=765000 management_client_user = '[UNDEF]'
2022-12-12 11:56:04 us=765000 management_client_group = '[UNDEF]'
2022-12-12 11:56:04 us=765000 management_flags = 6
2022-12-12 11:56:04 us=765000 shared_secret_file = '[UNDEF]'
2022-12-12 11:56:04 us=765000 key_direction = not set
2022-12-12 11:56:04 us=765000 ciphername = 'AES-256-CBC'
2022-12-12 11:56:04 us=765000 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
2022-12-12 11:56:04 us=765000 authname = 'SHA1'
2022-12-12 11:56:04 us=765000 engine = DISABLED
2022-12-12 11:56:04 us=765000 replay = ENABLED
2022-12-12 11:56:04 us=765000 mute_replay_warnings = ENABLED
2022-12-12 11:56:04 us=765000 replay_window = 64
2022-12-12 11:56:04 us=765000 replay_time = 15
2022-12-12 11:56:04 us=765000 packet_id_file = '[UNDEF]'
2022-12-12 11:56:04 us=765000 test_crypto = DISABLED
2022-12-12 11:56:04 us=765000 tls_server = DISABLED
2022-12-12 11:56:04 us=765000 tls_client = ENABLED
2022-12-12 11:56:04 us=765000 ca_file = '[INLINE]'
2022-12-12 11:56:04 us=765000 ca_path = '[UNDEF]'
2022-12-12 11:56:04 us=765000 dh_file = '[UNDEF]'
2022-12-12 11:56:04 us=765000 cert_file = '[UNDEF]'
2022-12-12 11:56:04 us=765000 extra_certs_file = '[UNDEF]'
2022-12-12 11:56:04 us=765000 priv_key_file = '[UNDEF]'
2022-12-12 11:56:04 us=765000 pkcs12_file = '[UNDEF]'
2022-12-12 11:56:04 us=765000 cryptoapi_cert = '[UNDEF]'
2022-12-12 11:56:04 us=765000 cipher_list = '[UNDEF]'
2022-12-12 11:56:04 us=765000 cipher_list_tls13 = '[UNDEF]'
2022-12-12 11:56:04 us=765000 tls_cert_profile = '[UNDEF]'
2022-12-12 11:56:04 us=765000 tls_verify = '[UNDEF]'
2022-12-12 11:56:04 us=765000 tls_export_cert = '[UNDEF]'
2022-12-12 11:56:04 us=765000 verify_x509_type = 0
2022-12-12 11:56:04 us=765000 verify_x509_name = '[UNDEF]'
2022-12-12 11:56:04 us=765000 crl_file = '[UNDEF]'
2022-12-12 11:56:04 us=765000 ns_cert_type = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_ku = 0
2022-12-12 11:56:04 us=765000 remote_cert_eku = '[UNDEF]'
2022-12-12 11:56:04 us=765000 ssl_flags = 192
2022-12-12 11:56:04 us=765000 tls_timeout = 2
2022-12-12 11:56:04 us=765000 renegotiate_bytes = -1
2022-12-12 11:56:04 us=765000 renegotiate_packets = 0
2022-12-12 11:56:04 us=765000 renegotiate_seconds = 3600
2022-12-12 11:56:04 us=765000 handshake_window = 60
2022-12-12 11:56:04 us=765000 transition_window = 3600
2022-12-12 11:56:04 us=765000 single_session = DISABLED
2022-12-12 11:56:04 us=765000 push_peer_info = DISABLED
2022-12-12 11:56:04 us=765000 tls_exit = DISABLED
2022-12-12 11:56:04 us=765000 tls_crypt_v2_metadata = '[UNDEF]'
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_protected_authentication = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_private_mode = 00000000
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_cert_private = DISABLED
2022-12-12 11:56:04 us=765000 pkcs11_pin_cache_period = -1
2022-12-12 11:56:04 us=765000 pkcs11_id = '[UNDEF]'
2022-12-12 11:56:04 us=765000 pkcs11_id_management = DISABLED
2022-12-12 11:56:04 us=765000 server_network = 0.0.0.0
2022-12-12 11:56:04 us=765000 server_netmask = 0.0.0.0
2022-12-12 11:56:04 us=765000 server_network_ipv6 = ::
2022-12-12 11:56:04 us=765000 server_netbits_ipv6 = 0
2022-12-12 11:56:04 us=765000 server_bridge_ip = 0.0.0.0
2022-12-12 11:56:04 us=765000 server_bridge_netmask = 0.0.0.0
2022-12-12 11:56:04 us=765000 server_bridge_pool_start = 0.0.0.0
2022-12-12 11:56:04 us=765000 server_bridge_pool_end = 0.0.0.0
2022-12-12 11:56:04 us=765000 ifconfig_pool_defined = DISABLED
2022-12-12 11:56:04 us=765000 ifconfig_pool_start = 0.0.0.0
2022-12-12 11:56:04 us=765000 ifconfig_pool_end = 0.0.0.0
2022-12-12 11:56:04 us=765000 ifconfig_pool_netmask = 0.0.0.0
2022-12-12 11:56:04 us=765000 ifconfig_pool_persist_filename = '[UNDEF]'
2022-12-12 11:56:04 us=765000 ifconfig_pool_persist_refresh_freq = 600
2022-12-12 11:56:04 us=765000 ifconfig_ipv6_pool_defined = DISABLED
2022-12-12 11:56:04 us=765000 ifconfig_ipv6_pool_base = ::
2022-12-12 11:56:04 us=765000 ifconfig_ipv6_pool_netbits = 0
2022-12-12 11:56:04 us=765000 n_bcast_buf = 256
2022-12-12 11:56:04 us=765000 tcp_queue_limit = 64
2022-12-12 11:56:04 us=765000 real_hash_size = 256
2022-12-12 11:56:04 us=765000 virtual_hash_size = 256
2022-12-12 11:56:04 us=765000 client_connect_script = '[UNDEF]'
2022-12-12 11:56:04 us=765000 learn_address_script = '[UNDEF]'
2022-12-12 11:56:04 us=765000 client_disconnect_script = '[UNDEF]'
2022-12-12 11:56:04 us=765000 client_crresponse_script = '[UNDEF]'
2022-12-12 11:56:04 us=765000 client_config_dir = '[UNDEF]'
2022-12-12 11:56:04 us=765000 ccd_exclusive = DISABLED
2022-12-12 11:56:04 us=765000 tmp_dir = 'C:\Users\Usuario\AppData\Local\Temp\'
2022-12-12 11:56:04 us=765000 push_ifconfig_defined = DISABLED
2022-12-12 11:56:04 us=765000 push_ifconfig_local = 0.0.0.0
2022-12-12 11:56:04 us=765000 push_ifconfig_remote_netmask = 0.0.0.0
2022-12-12 11:56:04 us=765000 push_ifconfig_ipv6_defined = DISABLED
2022-12-12 11:56:04 us=765000 push_ifconfig_ipv6_local = ::/0
2022-12-12 11:56:04 us=765000 push_ifconfig_ipv6_remote = ::
2022-12-12 11:56:04 us=765000 enable_c2c = DISABLED
2022-12-12 11:56:04 us=765000 duplicate_cn = DISABLED
2022-12-12 11:56:04 us=765000 cf_max = 0
2022-12-12 11:56:04 us=765000 cf_per = 0
2022-12-12 11:56:04 us=765000 max_clients = 1024
2022-12-12 11:56:04 us=765000 max_routes_per_client = 256
2022-12-12 11:56:04 us=765000 auth_user_pass_verify_script = '[UNDEF]'
2022-12-12 11:56:04 us=765000 auth_user_pass_verify_script_via_file = DISABLED
2022-12-12 11:56:04 us=765000 auth_token_generate = DISABLED
2022-12-12 11:56:04 us=765000 auth_token_lifetime = 0
2022-12-12 11:56:04 us=765000 auth_token_secret_file = '[UNDEF]'
2022-12-12 11:56:04 us=765000 vlan_tagging = DISABLED
2022-12-12 11:56:04 us=765000 vlan_accept = all
2022-12-12 11:56:04 us=765000 vlan_pvid = 1
2022-12-12 11:56:04 us=765000 client = DISABLED
2022-12-12 11:56:04 us=765000 pull = ENABLED
2022-12-12 11:56:04 us=765000 auth_user_pass_file = 'stdin'
2022-12-12 11:56:04 us=765000 show_net_up = DISABLED
2022-12-12 11:56:04 us=765000 route_method = 3
2022-12-12 11:56:04 us=765000 block_outside_dns = DISABLED
2022-12-12 11:56:04 us=765000 ip_win32_defined = DISABLED
2022-12-12 11:56:04 us=765000 ip_win32_type = 1
2022-12-12 11:56:04 us=765000 dhcp_masq_offset = 0
2022-12-12 11:56:04 us=765000 dhcp_lease_time = 31536000
2022-12-12 11:56:04 us=765000 tap_sleep = 0
2022-12-12 11:56:04 us=765000 dhcp_options = DISABLED
2022-12-12 11:56:04 us=765000 dhcp_renew = DISABLED
2022-12-12 11:56:04 us=765000 dhcp_pre_release = DISABLED
2022-12-12 11:56:04 us=765000 domain = '[UNDEF]'
2022-12-12 11:56:04 us=765000 netbios_scope = '[UNDEF]'
2022-12-12 11:56:04 us=765000 netbios_node_type = 0
2022-12-12 11:56:04 us=765000 disable_nbt = DISABLED
2022-12-12 11:56:04 us=765000 OpenVPN 2.6_beta1 [git:release/2.6/e778a6fd26d849dc] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Dec 2 2022
2022-12-12 11:56:04 us=765000 Windows version 10.0 (Windows 10 or greater), amd64 executable
2022-12-12 11:56:04 us=765000 library versions: OpenSSL 3.0.7 1 Nov 2022, LZO 2.10
2022-12-12 11:56:04 us=765000 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
2022-12-12 11:56:04 us=765000 Need hold release from management interface, waiting...
2022-12-12 11:56:05 us=125000 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:61836
2022-12-12 11:56:05 us=234000 MANAGEMENT: CMD 'state on'
2022-12-12 11:56:05 us=234000 MANAGEMENT: CMD 'log on all'
2022-12-12 11:56:05 us=343000 MANAGEMENT: CMD 'echo on all'
2022-12-12 11:56:05 us=343000 MANAGEMENT: CMD 'bytecount 5'
2022-12-12 11:56:05 us=359000 MANAGEMENT: CMD 'state'
2022-12-12 11:56:05 us=359000 MANAGEMENT: CMD 'hold off'
2022-12-12 11:56:05 us=359000 MANAGEMENT: CMD 'hold release'
2022-12-12 11:56:06 us=671000 MANAGEMENT: CMD 'username "Auth" "Mipc"'
2022-12-12 11:56:06 us=671000 MANAGEMENT: CMD 'password [...]'
2022-12-12 11:56:06 us=671000 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2022-12-12 11:56:06 us=671000 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
2022-12-12 11:56:06 us=671000 MANAGEMENT: >STATE:1670842566,RESOLVE,,,,,,
2022-12-12 11:56:06 us=734000 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
2022-12-12 11:56:06 us=734000 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,auth SHA1,keysize 256,key-method 2,tls-client'
2022-12-12 11:56:06 us=734000 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,auth SHA1,keysize 256,key-method 2,tls-server'
2022-12-12 11:56:06 us=734000 TCP/UDP: Preserving recently used remote address: [AF_INET]direccion ip : port
2022-12-12 11:56:06 us=734000 ovpn-dco device [OpenVPN Data Channel Offload] opened
2022-12-12 11:56:08 us=796000 dco connect error: El equipo remoto rechazó la conexión de red. (errno=1225)
2022-12-12 11:56:08 us=796000 Closing DCO interface
2022-12-12 11:56:08 us=796000 SIGUSR1[soft,init_instance] received, process restarting
2022-12-12 11:56:08 us=796000 MANAGEMENT: >STATE:1670842568,RECONNECTING,init_instance,,,,,
2022-12-12 11:56:08 us=796000 Restart pause, 5 second(s)
2022-12-12 11:56:13 us=843000 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2022-12-12 11:56:13 us=843000 Re-using SSL/TLS context
2022-12-12 11:56:13 us=843000 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
2022-12-12 11:56:13 us=843000 MANAGEMENT: >STATE:1670842573,RESOLVE,,,,,,
2022-12-12 11:56:13 us=843000 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
2022-12-12 11:56:13 us=843000 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,auth SHA1,keysize 256,key-method 2,tls-client'
2022-12-12 11:56:13 us=843000 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,auth SHA1,keysize 256,key-method 2,tls-server'
2022-12-12 11:56:13 us=843000 TCP/UDP: Preserving recently used remote address: [AF_INET]direccion ip : port
2022-12-12 11:56:13 us=843000 ovpn-dco device [OpenVPN Data Channel Offload] opened
2022-12-12 11:56:15 us=890000 dco connect error: El equipo remoto rechazó la conexión de red. (errno=1225)
2022-12-12 11:56:15 us=890000 Closing DCO interface
2022-12-12 11:56:15 us=890000 SIGUSR1[soft,init_instance] received, process restarting
2022-12-12 11:56:15 us=890000 MANAGEMENT: >STATE:1670842575,RECONNECTING,init_instance,,,,,
2022-12-12 11:56:15 us=890000 Restart pause, 5 second(s)
2022-12-12 11:56:20 us=921000 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2022-12-12 11:56:20 us=921000 Re-using SSL/TLS context
2022-12-12 11:56:20 us=921000 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
2022-12-12 11:56:20 us=921000 MANAGEMENT: >STATE:1670842580,RESOLVE,,,,,,
2022-12-12 11:56:20 us=921000 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
2022-12-12 11:56:20 us=921000 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,auth SHA1,keysize 256,key-method 2,tls-client'
2022-12-12 11:56:20 us=921000 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,auth SHA1,keysize 256,key-method 2,tls-server'
2022-12-12 11:56:20 us=921000 TCP/UDP: Preserving recently used remote address: [AF_INET]direccion ip : port
2022-12-12 11:56:20 us=937000 ovpn-dco device [OpenVPN Data Channel Offload] opened
2022-12-12 11:56:22 us=968000 dco connect error: El equipo remoto rechazó la conexión de red. (errno=1225)
2022-12-12 11:56:22 us=968000 Closing DCO interface
2022-12-12 11:56:22 us=968000 SIGUSR1[soft,init_instance] received, process restarting
2022-12-12 11:56:22 us=968000 MANAGEMENT: >STATE:1670842582,RECONNECTING,init_instance,,,,,
2022-12-12 11:56:22 us=968000 Restart pause, 5 second(s)
2022-12-12 11:56:27 us=15000 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2022-12-12 11:56:27 us=15000 Re-using SSL/TLS context
2022-12-12 11:56:27 us=15000 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
2022-12-12 11:56:27 us=15000 MANAGEMENT: >STATE:1670842587,RESOLVE,,,,,,
2022-12-12 11:56:27 us=15000 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
2022-12-12 11:56:27 us=15000 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,auth SHA1,keysize 256,key-method 2,tls-client'
2022-12-12 11:56:27 us=15000 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,auth SHA1,keysize 256,key-method 2,tls-server'
2022-12-12 11:56:27 us=15000 TCP/UDP: Preserving recently used remote address: [AF_INET]direccion ip : port
2022-12-12 11:56:27 us=15000 ovpn-dco device [OpenVPN Data Channel Offload] opened
2022-12-12 11:56:29 us=46000 dco connect error: El equipo remoto rechazó la conexión de red. (errno=1225)
2022-12-12 11:56:29 us=46000 Closing DCO interface
2022-12-12 11:56:29 us=46000 SIGUSR1[soft,init_instance] received, process restarting
2022-12-12 11:56:29 us=46000 MANAGEMENT: >STATE:1670842589,RECONNECTING,init_instance,,,,,
2022-12-12 11:56:29 us=46000 Restart pause, 5 second(s)
2022-12-12 11:56:34 us=78000 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2022-12-12 11:56:34 us=78000 Re-using SSL/TLS context
2022-12-12 11:56:34 us=78000 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
2022-12-12 11:56:34 us=78000 MANAGEMENT: >STATE:1670842594,RESOLVE,,,,,,
2022-12-12 11:56:34 us=78000 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
2022-12-12 11:56:34 us=78000 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,auth SHA1,keysize 256,key-method 2,tls-client'
2022-12-12 11:56:34 us=78000 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,auth SHA1,keysize 256,key-method 2,tls-server'
2022-12-12 11:56:34 us=78000 TCP/UDP: Preserving recently used remote address: [AF_INET]direccion ip : port
2022-12-12 11:56:34 us=78000 ovpn-dco device [OpenVPN Data Channel Offload] opened
2022-12-12 11:56:36 us=125000 dco connect error: El equipo remoto rechazó la conexión de red. (errno=1225)
2022-12-12 11:56:36 us=125000 Closing DCO interface
2022-12-12 11:56:36 us=125000 SIGUSR1[soft,init_instance] received, process restarting
2022-12-12 11:56:36 us=125000 MANAGEMENT: >STATE:1670842596,RECONNECTING,init_instance,,,,,
2022-12-12 11:56:36 us=125000 Restart pause, 10 second(s)
 
Última edición:
De entrada, configura un firewall en ese equipo o parte de la config por defecto.

MANUAL: Mikrotik, OpenVPN e IKEv2 VPNs | Mikrotik

Hilo sobre MANUAL: Mikrotik, OpenVPN e IKEv2 VPNs: Introducción Como continuación del manual anterior, vamos a ver los pasos para montar dos tipos de VPN basadas en certificados de criptografía...
www.adslzone.net www.adslzone.net

Saludos!
 
pokoyo dijo:
De entrada, configura un firewall en ese equipo o parte de la config por defecto.

MANUAL: Mikrotik, OpenVPN e IKEv2 VPNs | Mikrotik

Hilo sobre MANUAL: Mikrotik, OpenVPN e IKEv2 VPNs: Introducción Como continuación del manual anterior, vamos a ver los pasos para montar dos tipos de VPN basadas en certificados de criptografía...
www.adslzone.net www.adslzone.net

Saludos!
Haz clic para expandir...
Hola Amigo gracias por tu respuesta estoy utilizando ont Huawei HG8240H, me costo configurarla . al fin localice este manual :

Sustitución de router Movistar con equipo Mikrotik - Alex Ariza

En este post veremos como usar un equipo Mikrotik para realizar una sustitución de un router de Movistar. Como sabéis ya hice un post de como sustituir un router Asus por el router de Movistar. Y como sabéis también hice especial hincapié en separar dos casos de uso: Un caso si teníamos Router...
alexariza.net
conseguí hacerle funcionar. con el router en modo bridge es muy fácil casi lo hace automático el solo .

configuro un firewall para el VPN?
 
Madre mía, master-slave ports, ese manual tiene un par de años o tres... o alguno más. Léete los manuales que hay en este foro anda, que están algo más actualizados. Y arranca desde una config por defecto, que por lo menos tienes un firewall. Sino te va a durar el router lo que un caramelo en la puerta de un colegio.

Saludos!
 
Ok asi lo hare entonces primero empiezo con un manual de ONT que hay aquí en el foro y después con el tuyo del vpn?
 
Segui tu manual de ONT y esta la config qu etengo ahora.
veo moverse datos pero no salgo a internet.


# dec/12/2022 15:25:55 by RouterOS 7.6
# software id = TIT7-8GE1
#
# model = RB750Gr3
# serial number = CC210F86FC59
/interface bridge
add name=bridge1
/interface ethernet
set [ find default-name=ether2 ] comment=LAN
set [ find default-name=ether3 ] comment=LAN
set [ find default-name=ether4 ] comment=LAN
set [ find default-name=ether5 ] comment=LAN
/interface vlan
add interface=ether1 name=vlan6-internet vlan-id=6
/interface pppoe-client
add add-default-route=yes disabled=no interface=vlan6-internet name=internet \
use-peer-dns=yes user=adslppp@telefonicanetpa
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip pool
add name=dhcp ranges=192.168.100.0/24
/ip dhcp-server
add address-pool=dhcp interface=bridge1 name=dhcp1
/port
set 0 name=serial0
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface list member
add interface=ether1 list=WAN
add interface=bridge1 list=LAN
/ip address
add address=192.168.100.1/24 interface=bridge1 network=192.168.100.0
/ip dhcp-client
add interface=ether1
/ip dhcp-server network
add address=0.0.0.0/24 gateway=0.0.0.0 netmask=24
add address=192.168.100.0/24 gateway=192.168.100.1 netmask=24
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
/system clock
set time-zone-name=Europe/Madrid
 
Te falta la config por defecto. Prácticamente todos mis manuales parten, si no lo especifican explícito, de dicha configuración. Tú estás arrancando de un equipo sin configuración.

Saludos!
 
Neurona59 dijo:
Amigo Pocoyo me puedes ayudar con esto? no me funciona el cloud .
Utilizo ONT si lo pongo conectado al router en modo bridge si funciona pero con la ont no funciona.
Haz clic para expandir...
Ya te dije que te faltaba toda la config por defecto. Arrancar desde un router sin configuración es duro, y está reservado a expertos en la materia, ¿lo eres?

Saludos!
 
Neurona59 dijo:
No amigo no lo soy , e leido tu manual primeros pasos.
Eso te refieres?
Haz clic para expandir...
No, me refiero a tu export. El primero que mandaste tenía 4 líneas de configuración, y eso me hace pensar que partiste de un reset sin configuración. Y eso, es para alguien que domina Mikrotik, no para alguien que está empezando.

Si estás empezando, deja que el router aplique su configuración por defecto y, sobre esa, modificas lo que necesites para adaptarlo a tu setup. Es lo que hacemos la inmensa mayoría de los mortales. Además de eso, y salvo que se especifique lo contrario, todos los manuales que he escrito se basan en ese mismo punto de partida: la configuración por defecto.

Saludos!
 
pokoyo dijo:
No, me refiero a tu export. El primero que mandaste tenía 4 líneas de configuración, y eso me hace pensar que partiste de un reset sin configuración. Y eso, es para alguien que domina Mikrotik, no para alguien que está empezando.

Si estás empezando, deja que el router aplique su configuración por defecto y, sobre esa, modificas lo que necesites para adaptarlo a tu setup. Es lo que hacemos la inmensa mayoría de los mortales. Además de eso, y salvo que se especifique lo contrario, todos los manuales que he escrito se basan en ese mismo punto de partida: la configuración por defecto.

Saludos!
Haz clic para expandir...
Gracias por tu ayuda , vuelvo a hacer un reset al router y configuro con el Quick Set, asi estaria bien?
Pero claro despues tengo que utilizar tu manual de configuración con ONT pues con el Quick set no me funciona.
 
Neurona59 dijo:
Gracias por tu ayuda , vuelvo a hacer un reset al router y configuro con el Quick Set, asi estaria bien?
Pero claro despues tengo que utilizar tu manual de configuración con ONT pues con el Quick set no me funciona.
Haz clic para expandir...
No hace falta ni que pases por el quick set. Dale un reset, y simplemente no marques ninguna opción (especialmente, NO marques la de “No default configuration)

Y, sobre eso, aplica la que sea tu configuración, dependiendo de tu ISP. Las que hemos conseguido recopilar, las tienes en este manual: https://www.adslzone.net/foro/mikro...figuraciones-basicas-isps-routeros-v7.580707/

Saludos!
 
Amigo te paso la config a ver si ahora esta bien.
solo e cambiado el entorno en vez del 88 le he puesto el 100 y los dns de google.



# dec/30/2022 15:38:56 by RouterOS 7.6
# software id = TIT7-8GE1
#
# model = RB750Gr3
# serial number = xxxxxxxxxxxxx
/interface bridge
add admin-mac=xxxxxxxxxxxxxxxxxxxx auto-mac=no comment=defconf name=bridge
/interface vlan
add interface=ether1 name=vlan6-internet vlan-id=6
/interface pppoe-client
add add-default-route=yes disabled=no interface=vlan6-internet name=internet \
use-peer-dns=yes user=adslppp@telefonicanetpa
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip pool
add name=dhcp ranges=192.168.100.10-192.168.100.254
/ip dhcp-server
add address-pool=dhcp interface=bridge name=defconf
/port
set 0 name=serial0
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=internet list=WAN
/ip address
add address=192.168.100.1/24 comment=defconf interface=bridge network=\
192.168.100.0
/ip dhcp-client
add comment=defconf interface=ether1
/ip dhcp-server network
add address=192.168.100.0/24 comment=defconf dns-server=8.8.8.8,8.8.4.4 \
gateway=192.168.100.1 netmask=24
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.100.1 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
"defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related hw-offload=yes
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
/ipv6 firewall address-list
add address=::/128 comment="defconf: unspecified address" list=bad_ipv6
add address=::1/128 comment="defconf: lo" list=bad_ipv6
add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6
add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6
add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6
add address=100::/64 comment="defconf: discard only " list=bad_ipv6
add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6
add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6
add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6
/ipv6 firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMPv6" protocol=\
icmpv6
add action=accept chain=input comment="defconf: accept UDP traceroute" port=\
xxxxxx-xxxxxxx protocol=udp
add action=accept chain=input comment=\
"defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=\
udp src-address=fe80::/10
add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 \
protocol=udp
add action=accept chain=input comment="defconf: accept ipsec AH" protocol=\
ipsec-ah
add action=accept chain=input comment="defconf: accept ipsec ESP" protocol=\
ipsec-esp
add action=accept chain=input comment=\
"defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=input comment=\
"defconf: drop everything else not coming from LAN" in-interface-list=\
!LAN
add action=accept chain=forward comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop packets with bad src ipv6" src-address-list=bad_ipv6
add action=drop chain=forward comment=\
"defconf: drop packets with bad dst ipv6" dst-address-list=bad_ipv6
add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" \
hop-limit=equal:1 protocol=icmpv6
add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=\
icmpv6
add action=accept chain=forward comment="defconf: accept HIP" protocol=139
add action=accept chain=forward comment="defconf: accept IKE" dst-port=\
500,4500 protocol=udp
add action=accept chain=forward comment="defconf: accept ipsec AH" protocol=\
ipsec-ah
add action=accept chain=forward comment="defconf: accept ipsec ESP" protocol=\
ipsec-esp
add action=accept chain=forward comment=\
"defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=forward comment=\
"defconf: drop everything else not coming from LAN" in-interface-list=\
!LAN
/system clock
set time-zone-name=Europe/Madrid
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
 
Última edición:
¿A qué te refieres con que no te funciona? De entrada, el DDNS (no sé si te refieres a eso), no lo tienes ni activo. Fíjate en la fecha y hora del propio router, si la función de cloud está funcionando, verás un mensaje en el log cuando el equipo sincronice la hora usando dicho servicio.

Saludos!
 
Pocoyo ahora si que funciona todo , hasta la velocidad antes solo me daba 200 mb de 1gb qu etengo contratado y ahora sube hast alos 800 MB.
Muchas gracias si el cloud ya funciona perfecto. Gracias Master
 
una pregunta bien novata amigos....estoy metienedome en esto recien...manejo levemente el mikrotik.....para tener este openvpn server funcionando se necesita algun puerto abierto o no ? lo digo por que he tratado de correr el open vpn server sin poder conectarme....gracias de antemano
 
xaae dijo:
una pregunta bien novata amigos....estoy metienedome en esto recien...manejo levemente el mikrotik.....para tener este openvpn server funcionando se necesita algun puerto abierto o no ? lo digo por que he tratado de correr el open vpn server sin poder conectarme....gracias de antemano
Haz clic para expandir...
Lo tienes hasta en la wikipedia macho. No digo ya en la propia interfaz, que también.
 
Debes estar conectado o registrado para responder aquí.

Similar threads

E
Ayuda con el siguiente SCRIPT muchachos
Respuestas
13
Visitas
790
EL DONCITO 2022
G
Home Assistant, DuckDNS y Mikrotik ¿un problema?
Respuestas
9
Visitas
1,050
generalpirata
OrZ88
HAIRPIN NAT y SSL Let's Encrypt- Algo se me escapa
Respuestas
6
Visitas
703
pokoyo
M
Mejorar enlace punto a punto con dos LHG 5 ac
Respuestas
4
Visitas
859
pokoyo
J
L2tp/ipsec no ve servidor truenas y pc de la red
2 3
Respuestas
44
Visitas
2,142
jose maria fernandez
Arriba