FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
744 views 14 comments
by anonymous
Can I send an SMS message to a remote RUT950 to change OpenVPN interface from TAP to TUN?
by anonymous
As I have already told you, we have UCI via SMS disabled as part of the security baseline. I need to be able to send an SMS that has the content of the RUT950 to RUT950 message. I can't use UCI in this instance. Please read the thread comments above.
by anonymous

So I enabled UCI on a new RUT950 I deployed today and the results are disappointing. Whilst the commands that are sent work, there are issues. The device seems to accept the first SMS and then goes into some timeout mode where it wont accept any more SMS messages for up to 5mins. It will then accept the next message and go into the timeout mode again.

SMS sent:

Causes timeout - you can see the gsmctl command works to display a text message on the device, after I send the next command the device goes into some sort of timeout mode and the next SMS that I send doesn't do anything. If I wait 5mins or so the next SMS that I send does make a change on the device:

So in summary, I can send the first UCI command SMS and it works. If I follow it up with the next SMS straight away it does nothing, it is not visible in the SMS statistics on the device or from the command line gsmctl which shows the timeout message for approx 5mins. Once it comes back online I can send the next message and the same happens again. I certainly cannot send three SMS's in succession and get the three commands to apply.

The commands I was testing with were:

<password> uci set system.system.hostname='MCY_RUT950.local'
<password> uci commit system
<password> luci-reload
 

1 Answer

0 votes
by anonymous

Hello,

Yes, this is possible with UCI API option in the sms utilities section.

You can send a command uci show open vpn then you would get a reply with configurations , something like this:
                

openvpn.webui=webui                                                                           
openvpn.webui._auth='tls'                                                                     
openvpn.server_123=openvpn                                                                    
openvpn.server_123.persist_key='1'                                                            
openvpn.server_123.port='1194'                                                                
openvpn.server_123.keepalive='10 120'                                                         
openvpn.server_123.verb='5'                                                                   
openvpn.server_123._role='server'                                                             
openvpn.server_123.proto='udp'                                                                
openvpn.server_123.enable='1'                                                                 
openvpn.server_123._auth='skey'                                                               
openvpn.server_123.cipher='BF-CBC'                                                            
openvpn.server_123.dev='tap'      

Then you can reply back with :

1 )<Password of router here> uci set openvpn.server_123.dev='tun_s_123' 

2)<Password of router here> uci commit openvpn 

3)<Password of router here> luci-reload 


Example: Admin123 uci set openvpn.server_123.dev='tun_s_123' 


After this it would be changed to the Tap.

I hope it would help.

Thank you.

Have a good day.

by anonymous
For security reasons the UCI API is turned off on our routers when they are sent to the remote sites however Remote Configuration (as shown in screenshot above) is enabled.
by anonymous
Hello,

I am checking with the team .

Thank you.
by anonymous
Hello,

Could you please refer to the following:

https://wiki.teltonika-networks.com/view/RUT955_SMS_Utilities#Remote_Configuration

I hope it helps.

Thank you.
by anonymous
"RUT routers can be configured via SMS from another RUT router."

I have already looked at this page and unfortunately it won't work because our other RUT950 devices don't have SIM cards that allow outbound SMS, they can only receive SMS messages. I can't use another RUT950 to send the required config.

I need to know the format of the message that would be sent so that I can send it manually to change the TUN/TAP setting.

Surely there is documentation on the syntax / format of the SMS that needs to be sent.
by anonymous

You can use UCI command to change the TUN/TAP . 

Like i tried changing the Encryption from AES 256 CBC to AES 128 i followed the following :

<Password> uci set openvpn .server_Server.cipher=AES-128-CBC

Admin123 uci set openvpn .server_Server.cipher=AES-128-CBC

Admin123 uci commit openvpn

Admin123 Reboot (to apply changes) 

For changing TAP/TUN use:

Admin123 uci set openvpn.server_Server.dev='tun_s_Server' (For changing to tunnel)

Admin123 uci set openvpn.server_Server.dev='tap' (For changing to TAP)

Thank you.