FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
406 views 2 comments
by

Hello, I am setting up a VPN communication between a PC (OpenVpn Software) and a RUT240 router and I have doubts in the fields to fill in. The router has a SIM with a fixed IP (AA.AA.AA.AA), and a PLC (192.168.1.5) is connected to the LAN port (192.168.1.1) that I want to access from the PC. The server file has this code, i think the last two lines are not correct.

dev-node "ServerVPN"
mode server
port 1194

proto udp
dev tap

tls-server
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 0

tun-mtu 1500
tun-mtu-extra 32
mssfix 1450

ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ServerVPN.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ServerVPN.key"
dh  "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh2048.pem"

server 10.8.0.0 255.255.255.0

client-to-client
keepalive 10 120
cipher AES-128-CBC
comp-lzo

persist-key
persist-tun

client-config-dir  "C:\\Program Files\\OpenVPN\\config"

verb 3

route-delay 5
route-method exe

push "route 192.168.1.1 255.255.255.0"
route 192.168.1.0 255.255.255.0

When starting the software on the PC, the icon will appear in green:

And the configuration in the router is the following, in the field highlighted in yellow I don't know what to put:

The result is:

Thanks you.

1 Answer

0 votes
by anonymous

Hello,

Push route option on server configuration side is not necessary because push routes to the client allow it to reach other private subnets behind the server. In the Remote host/IP address field, you must specify your server public IP. Please refer to this guide on how to configure your OpenVPN service. There you will find many examples, one of them is the simplified windows server example: https://wiki.teltonika-networks.com/view/OpenVPN_configuration_examples

Best regards.

by

Hi, Thanks for the quick reply.

These examples explain the communication between two routers, in my case it is between a computer with a dynamic public IP and a RUT240 with static IP. In the router I have entered my public ip, read on the page https://whatismyipaddress.com/es/mi-ip, on the Remote Host / IP Address line, I don't know if that is correct.

I have configured everything according to the manual and it does not establish communication, do I have to additionally modify any line of the router's firewall or port forwarding? Attached images of the server and router configuration. The PC is connected to the Internet directly on a Sagem router.
Is there a way to test that the server is working properly?
 

Are the files of the certificates placed like this correct?

Thanks a lot.

by anonymous

Hello,

I see that even with an error your OpenVPN server successfully star but you should fix that error (Could not determine IPv4/IPv6 protocol). This message is printed when no IPv4/v6 preference is given in the config (i.e. proto udp/tcp is used) and OpenVPN is running as a server. Just change in server.conf on what you need udp4/upd6:

;proto tcp
proto tcp4

Also, what do you see in the router logs once you start OpenVPN client?

Regards.