Question

Hi,

I have a RUT955 running the latest firmware at time of writing. I am trying to get internet working from the LAN ports through OpenVPN over the 4G connection.

I have restored the device to factory defaults and run through the basic setup wizard. I can access the internet at this point fine (my laptop acquires a 192.168.1.X address via DHCP).

I then go to configure OpenVPN and upload the OpenVPN configuration files and client certificate provided by my VPN provider. I think save the configuration. I can then see the VPN is connected when I go to Status > Network >OepnVPN I can see 'Enabled - Yes' and 'Status - Connected' and 'Type - Client'.  Other options say 'Not available in custom configuration mode'. I then return to my normal browser on my laptop and attempt to browse to 'Google.com' and no web page loads.

Are there any additional settings that I need to apply? NAT, Firewall, or directing the LAN connection to use OpenVPN?

If I disable the OpenVPN connection I am then able to browse the internet normally.

Answer 1

Hello,

Which VPN provider are you using?

I would guess that you still need to setup DNS servers to your VPN providers

Here are tutorials for NordVPN and ExpressVPN providers which might help in your configuration:

https://wiki.teltonika-networks.com/view/Anonymous_browsing_from_your_home_network_using_NordVPN_and_RUT9xx_router

https://wiki.teltonika-networks.com/view/Anonymous_browsing_from_your_home_network_using_ExpressVPN_and_RUT9xx_router

Please try the steps according to your provider, and let me know the results.

Comments

I have tried smartydns and PIA which both have a similar setup to Nord and ExpressVPN. I followed the two guides you included, the process I used was the same from a fresh factory-defaulted device. E.g. download the configuration files, upload to router etc. I have also entered the passwords in and uploaded the CA file. Both smartydns and PIA did not work and internet ceased to function when activating the service.

Logging from OpenVPN shows that the tunnel successfully established, I can see tun0 and it also add's in the respective default routes 128.0.0.0 etc.

I just tried adding in the DNS entries in for smartydns, cleared my laptop IP settings with a new DHCP lease etc, and 'google.com' still does not load from the browser. Also, I cannot ping an address such as 8.8.8.8 or 1.1.1.1 from the laptop - I receive 'request timed out' which suggests it isnt a DNS issue?

---

Further debugging.

The below was done with a Nord VPN using the instructions provided, still no internet.

I am running tcpdump from the built-in CLI via the web browser on the RUT. On the laptop I am attempting to ping 1.1.1.1 and 8.8.8.8.

I can see the following:

tcpdump -i tun0 -n -v
192.168.1.X > 1.1.1.1: ICMP echo request, id 1, seq XXX, length XXX
192.168.1.X > 1.1.1.1: ICMP echo request, id 1, seq XXX, length XXX
192.168.1.X > 1.1.1.1: ICMP echo request, id 1, seq XXX, length XXX
etc...

Notice, no return traffic coming through tun0.

and

tcpdump -i wwan0 -n -v

WAN_IP.50001 > VPN_IP.443, proto TCP, flags, length etc.
VPN_IP.443 > WAN_IP.50001, proto TCP, flags, length etc.
WAN_IP.50001 > VPN_IP.443, proto TCP, flags, length etc.
VPN_IP.443 > WAN_IP.50001, proto TCP, flags, length etc.

WAN_IP = the IP assigned to my WAN interface by the ISP
VPN_IP = the public IP address of the VPN

As you can see, the wwan0 interface is both sending and receiving traffic, whilst tun0 only see's transmit traffic and no return traffic.

---

Still no luck.

I have tried Nord OpenVPN using UDP.

Running tcpdump on wwan0 can see traffic going out of the RUT on wwan0 but no return VPN traffic. This is just performing a simple ping from the laptop on network 192.168.1.X.

If I go into the RUT cli I can ping the OpenVPN endpoint successfully, so I know the tunnel has successfully been established.

I have also tried restoring to factory default and rolling back a number of different firmware versions, all have the same problem.

---

Hello,

Thank you for a detailed description of the issue, we were able to reproduce it and escalated it to RnD for further analysis and fixes.

I will let you know of the current progress.

Best regards

---

Thank you.

Any updates so far?

---

Hello,

Could you please flash this test firmware (Without keeping previous settings) and test it with your VPN provider?

It should fix the issue. Please, let me know if everything works correctly or not.

RUT9XX_T_F2081_00.06.05.375

---

Thank you, that has fixed the issue. VPN is correctly working now.

---

Thank you for the feedback, it is always appreciated. Fixes will be available in the next official firmware release.

---

Hello,

Sorry to hijack but I have a very similar issue on the RUTX09, extremely frustrating.

Is it possible this same issue appears on RUTXXX series?

Have a test firmware for the RUTX09 also?

Many thanks!!!

---

Hello,

Could you please describe the issue you are facing on RUTx09?

Answer 2

I had the same problem, but even with the latest firmware I could not get it to work. I had my own OpenVPN server and there is a possibility that the issue could have been fixed on that side.

I did, however, solve it by changing the DNS server settings for my mobile WAN. Instead of using the default "Use DNS servers advertised by peer", I manually entered Google's DNS servers (8.8.8.8 and 8.8.8.4).

So, if you connect to an OpenVPN server that does not properly forward DNS server information, this might cause this issue.

Answer 3

Hello there,

i think, the problem is in the file /etc/config/openvpn.

If you create a new openvpn client, for example 'myovpn', in the 'openvpn' file should appear somewhere below the following entry

 >> config openvpn 'client_myovpn' >>

this option:

....

    option dev 'tun_c_myovpn'

....

But there is always an entry:

....

   option dev 'tun'

change from 'tun' to 'tun_c_myovpn' was my solution.