FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
+1 vote
1,841 views 11 comments
by anonymous
I have successfully configured the VPN connection so that:

-I can ping my internal network from router's interface (by SSH) and any website on the Interne

But I cannot ping any site on the Internet or/and on my internal network from my personal computer that is on RUT240's LAN side.

I thank you in advance!

2 Answers

0 votes
by anonymous
Hello,

Could you post yours VPN configuration?

Best regards,
VidasKac.
by anonymous
Thank you for your fast answer! Meanwhile I have reconfigured the OpenVPN server so that he doesn't push all the client traffic through it. Now the RUT240 works perfectly for the VPN.

But I would have another question: how to create custom routes on this router so that I can reach networks on my VPN server side and that my clients on the VPN side can reach my RUT240 local network?

Thank you in advance!

Regards,

V.
by anonymous

Hello,

Try setting Static Route rules, for RUT240 in  Network > Routing > Statis Routes choose interface, in your case it should be openVPN, write in Destination address of another end of tunnel, e.g. if yours server LAN IP is 192.168.1.1 enter 192.168.1.0 enter Netmask, most likely 255.255.255.0, for Gateway write in Server IP (OpenVPN virtual IP or Server LAN IP)

For server do the same just replace Destination address and Gateway with RUT240 LAN IP and IP

That should do the trick.

Best regards,
VidasKac.

by anonymous

With this configuration my clients can't still raise my VPN network (10.0.0.0/8). Meanwhile if I ssh to the RUT240 he can reach my VPN network. Seems strange...

by anonymous

ok, just to clarify some things. 

Do you want to reach physical LAN network behind the router or do you want to reach other clients of a OpenVPN tunnel? 

  • If you want to reach Servers' physical network you need to configure static routes, and check if server firewall lets traffic through.
  • If you want to reach other OpenVPN clients  you need to: 
    • Enable client to client communication on server
    • Add routes to push options on server
    • Configure TLS clients on server
by anonymous

I want to reach servers' physical network with a properly tested server that works with other devices apart the RUT 240. The problem is the RUT240 that can reach my network (from SSH) but its clients can't.

by anonymous
Like you can see it doesn't take in count the latest route that I've added.
by anonymous
The question would then be how to route clients from my RUT240 to my VPN network as static routes don't work? Is it a firewall problem?
by anonymous
Could you please post yours VPN configuration first, that I asked before. Or even better send me RUT240 troubleshoot file through PM.

Also shouldn't yours Open VPN Gateway be 10.0.6.5 because it sets in pairs like 10.0.6.5 - remote endpoint and 10.0.6.6 local endpoint? And in the end why are you using 10.0.6.0/24 range for tunnel since it belongs to 10.0.0.0/8 and can cause IP conflict?
by anonymous
Just to close the thread and that people searching for answer could understand how to solve it.

On RUT240 you needed static route, but on other side there was need to update push routes so other networks could connect to you right?
0 votes
by anonymous
A simple schematization of my network:

Teltonika RUT240: -local IP=192.168.2.1

                               -VPN peer IP=10.0.6.2

                               - VPN gateway IP=10.0.6.1

Subnet mask of the VPN network= 10.0.6.0/24.

I just want to reach from the clients connected to the RUT240 the 10.0.0.0/24 network located behind 10.0.6.1.
by anonymous
I have exactly same problem can't access my devices that is in my lan behind openvpn server. If you find any solution please write it here.
by anonymous
Hello Laimonas,

You need to add static route to yours client router, and update push route options on server to include said router.