WIKIABOUT

FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

Most popular tags

rut955 rut240 rut950 rutx11 rms vpn to openvpn wifi not sms trb140 firmware connection - ipsec on rutx12 rutx09 modbus
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.

Openvpn server not starting in RUT240

0 votes
2,371 views 4 comments
by
FW ver.: RUT2XX_R_00.01.04.1

The service Openvpn is not starting..

The log says that something is wrong with the command line options.

Is there something wrong with the init script?

Openvpn behaves normally when starting it manually.

Wed Dec 26 18:39:00 2018 daemon.err openvpn(7365727665725F627735)[21544]: Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: route (2.4.5)
Wed Dec 26 18:39:00 2018 daemon.warn openvpn(7365727665725F627735)[21544]: Use --help for more information.
Wed Dec 26 18:39:20 2018 daemon.err openvpn[8494]: event_wait : Interrupted system call (code=4)
Wed Dec 26 18:39:20 2018 daemon.notice openvpn[8494]: TCP/UDP: Closing socket
Wed Dec 26 18:39:20 2018 daemon.notice openvpn[8494]: /sbin/route del -net 192.168.11.0 netmask 255.255.255.0
Wed Dec 26 18:39:20 2018 daemon.notice openvpn[8494]: Closing TUN/TAP interface
Wed Dec 26 18:39:20 2018 daemon.notice openvpn[8494]: /sbin/ifconfig tun_s_*** 0.0.0.0
Wed Dec 26 18:39:20 2018 daemon.notice openvpn[8494]: SIGTERM[hard,] received, process exiting
Wed Dec 26 18:39:32 2018 daemon.err openvpn(7365727665725F627735)[21830]: Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: route (2.4.5)
Wed Dec 26 18:39:32 2018 daemon.warn openvpn(7365727665725F627735)[21830]: Use --help for more information.
Wed Dec 26 18:39:37 2018 daemon.err openvpn(7365727665725F627735)[21876]: Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: route (2.4.5)
Wed Dec 26 18:39:37 2018 daemon.warn openvpn(7365727665725F627735)[21876]: Use --help for more information.
Wed Dec 26 18:39:42 2018 daemon.err openvpn(7365727665725F627735)[21916]: Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: route (2.4.5)
Wed Dec 26 18:39:42 2018 daemon.warn openvpn(7365727665725F627735)[21916]: Use --help for more information.
Wed Dec 26 18:39:47 2018 daemon.err openvpn(7365727665725F627735)[21955]: Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: route (2.4.5)
Wed Dec 26 18:39:47 2018 daemon.warn openvpn(7365727665725F627735)[21955]: Use --help for more information.

1 Answer

0 votes
by anonymous

Hello,

Could you take a screenshot of your router's "Services -> VPN -> OpenVPN -> (edit)" menu and upload it here?

Also, can you tell more details what do you mean by "Openvpn behaves normally when starting it manually."? What do you refer as "starting it manually"? How are you starting OpenVPN when you receive above error messages?

Best answer
by

Hello,

here are the screenshots:

Starting manually means by me to connect via ssh and start ovpn via 


openvpn --config /var/etc/openvpn-7365727665725F627735.conf --daemon

I also managed to start it as user script because the Teltonika's init script (/etc/init.d/openvpn) fails.

The previously posted error messages originate from starting ovpn with the Teltonika's init script/web GUI.

by anonymous

Thank you for detailed information.

Your issues is related with incorrect OpenVPN configuration: You have created 3 "TLS-clients", but you have not fully configured them.

Solution is simple:

 a) you can either delete all 3 TLS-clients from your OpenVPN server's configuration (since they are not fully configured), or

 b) you can specify necessary IP address for each of the TLS-clients.

You can find example how to correctly configure TLS-client  here.

Take note that "Virtual local/remote endpoint" fields must be from successive /30 subnets. E.g. you can use the following "Virtual local/remote endpoint" IP address for your 3 TLS-clients: 192.168.11.5 / 192.168.11.6  ,  192.168.11.9 / 192.168.11.10  , 192.168.11.13 / 192.168.11.14.

by
The "automatic answer" did not do the trick and is not necessary for my purposes (I do not want static ips for the vpn devices). I have to start openvpn manually again. The init script does not start the ovpn server.

Here's the resulting config:

cat /etc/config/openvpn

config webui 'webui'
    option _auth 'tls'

config openvpn '7365727665725F627735'
    option dev 'tun_s_bw5'
    option proto 'udp'
    option persist_key '1'
    option port '1194'
    option persist_tun '1'
    option name_is_hexed '1'
    option verb '5'
    option keepalive '10 120'
    option status '/tmp/openvpn-status_7365727665725F627735.log'
    option enable '1'
    option comp_lzo 'yes'
    option cipher 'BF-CBC'
    option _auth 'tls'
    option _tls_cipher 'all'
    option server '192.168.11.0 255.255.255.0'
    option duplicate_cn '1'
    option ca '/lib/uci/upload/cbid.openvpn.7365727665725F627735.ca'
    option cert '/lib/uci/upload/cbid.openvpn.7365727665725F627735.cert'
    option key '/lib/uci/upload/cbid.openvpn.7365727665725F627735.key'
    option dh '/lib/uci/upload/cbid.openvpn.7365727665725F627735.dh'
    list push 'route 192.168.66.0 255.255.255.0'
    option client_config_dir '/etc/openvpn/ccd'

config client 'handy'
    option sname '7365727665725F627735'
    option cn 'handy'
    option lip '192.168.11.5'
    option rip '192.168.11.6'

config client 'tv'
    option sname '7365727665725F627735'
    option cn 'tv'
    option lip '192.168.11.9'
    option rip '192.168.11.10'

config client 'laptop'
    option sname '7365727665725F627735'
    option cn 'laptop'
    option lip '192.168.11.13'
    option rip '192.168.11.14'

System log:

Thu Jan  3 20:49:35 2019 daemon.err openvpn(7365727665725F627735)[10635]: Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: route (2.4.5)
Thu Jan  3 20:49:35 2019 daemon.warn openvpn(7365727665725F627735)[10635]: Use --help for more information.
Thu Jan  3 20:49:40 2019 daemon.err openvpn(7365727665725F627735)[10673]: Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: route (2.4.5)
Thu Jan  3 20:49:41 2019 daemon.warn openvpn(7365727665725F627735)[10673]: Use --help for more information.
Thu Jan  3 20:49:46 2019 daemon.err openvpn(7365727665725F627735)[10711]: Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: route (2.4.5)
Thu Jan  3 20:49:46 2019 daemon.warn openvpn(7365727665725F627735)[10711]: Use --help for more information.
Thu Jan  3 20:49:51 2019 daemon.err openvpn(7365727665725F627735)[10747]: Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: route (2.4.5)
Thu Jan  3 20:49:51 2019 daemon.warn openvpn(7365727665725F627735)[10747]: Use --help for more information.
Thu Jan  3 20:49:56 2019 daemon.err openvpn(7365727665725F627735)[10795]: Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: route (2.4.5)
Thu Jan  3 20:49:56 2019 daemon.warn openvpn(7365727665725F627735)[10795]: Use --help for more information.
by anonymous

Hello,

To confirm: ALL "TLS-client" fields are necessary. You still have not configured appropriate "Private network" / "Private netmask" values for each of your TLS-clients.