FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
579 views 4 comments
by

After the release of the new RUTX11 firmware, an OpenVPN tunnel between the server (RUTX11) and the client (RUT240) is active. The RUT240 (client) and the computer on its network ping both the virtual and network addresses of the server and the network address of the computer on the server network. However, on the server side, ping is currently only available from the server to the client's RUT240 virtual address, but network addresses (router, the computer and PLC) are not pinged.

Everything has been done according to the instructions of the Teltonika OpenVPN wiki. RUTX11 OpenVPN server settings have a "TLS Clients" for client binding and the new version has changed the conditions compared to the previous version, maybe there is a conflict. What should be done to access the client's network?

1 Answer

0 votes
by anonymous
Hi,

There's an issue with RUTOS OpenVPN TLS clients. Currently even though TLS clients are configured correctly, no static routes are added to RUTX11 routing table and that's why server side cannot reach OpenVPN client's LAN network.

This issue has already been reported to RnD, I'll inform you once FW with a fix will be available.
by
When we could expect a FW with a fix?
by
Any news about FW fix?
by anonymous

Hi,

RUTOS 2.4 FW version was released yesterday, it can be downloaded from here.

by

After the FW update, the situation is the same - there is no route to the client's LAN network. When creating a TLS client, there is instruction to enter an email address in the Common Name (CN) field. A new option in RUTX11 is the TLS certificates generating  in the router - but there is no possibility to enter an e-mail address? Repeated attempts with both the e-mail address and the CN (in client file) did not yield any results, the server does not ping the client's network.