No UDP support after all these years is really quite shameful. Tunneling TCP over TCP is insanely bad, the slightest packet loss and your connections are toast.
still not? I was moaning about this in 2006. I can't imagine why Mikrotik can't be bothered to implement UDP for OpenVPN when they have added so many other features.
This is my #1 gripe with mikrotik, you can't figure out if the feature you want to use is half-baked or not without testing it. And then once it works you had better not upgrade versions or it may very well break.
Finding a version which has all the features you need working used to be a nightmare.
I recently spent several hours trying to implement BFD...only to find out it's broken on CCR, known to be broken, and won't be fixed any time soon [1]
But to be fair, I've run across similar things in Cisco land. Spend hours trying to get something to work, when I finally run across an single line somewhere on their site that says what I'm trying to do doesn't work with CEF and I have to disable CEF if I want it to work. Which cuts my throughput by 10x.
My understanding is that MikroTik isn't a fan of OpenVPN (for whatever reason), and doesn't want to spend any more development time on the feature. Which is a shame, because it really is a poor choice without UDP support.
On the plus side, you can use the VM ("Metarouter") feature to host a real OpenVPN client inside an OpenWRT instance. But you don't get the nice admin console if you do that.
This is my #1 gripe with mikrotik, you can't figure out if the feature you want to use is half-baked or not without testing it. And then once it works you had better not upgrade versions or it may very well break.
Finding a version which has all the features you need working used to be a nightmare.