FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
1,245 views 4 comments
by anonymous

Good Afternoon,

I would like to configure the RUT240 to connect via IPSec to a Fritz!Box 7590. The Fritz!Box's owner sent me these configuration information:

  • VPN Type: "IPSec" or "IPSec Xauth PSK"
  • Public Server IP
  • ID IPsec
  • Shared Secret Key
  • Username
  • Password

I know also that the LAN IP of the FritzBox is 192.168.188.1 and the remote IP assigned to my Username/Password will be static into 192.168.188.202.

I have used this configuration:

  • Authentication Type: Pre-shared key
  • IKE version: IKE v1
  • Mode: Aggressive
  • Use additional Xauth password: Checked
  • Xauth Password: PASSWORD provided
  • Type: Tunnel
  • Remote IP Address: 192.168.188.202/32
  • Remote VPN endpoint: FRITZBOX PUBLIC IP

Then I created a pre-shared key with this configuration:

  • Pre-shared key: Shared Secret Key provided
  • Secret's ID selector: USERNAME provided

The Tunnel is estabilished but Teltonika cannot ping the FritzBox.

Can you please help me?

Thank you

1 Answer

0 votes
by anonymous
Hi,

Could it be that the fritzBox firewall is blocking incoming pings from other IPSec clients?

By established connection do you mean that only ping doesn't come through? How about the overall connection with devices?

EB.
by

Hi,

by estabilished I mean that writing ipsec statusall in CLI, it answer with:

ESTABILISHED 1 second ago, 192.168.1.49 [USERNAME]...FRITZBOX_PUBLIC_IP [FRITZBOX_PUBLIC_IP] 

but the connection remains estabilished only for few seconds then try to reconnect again

by anonymous
  1. Is your public IP static or dynamic?
  2. Have you tried looking into the firewall settings of your fritzbox and see if everything is allowed?
  3. You can also try disabling the RUT240 firewall, just enter /etc/init.d/firewall stop in CLI and then check if connection establishes correctly.
  4. Also, check if your IPSec phase 1 and 2 configurations are the same as in the Fritzbox, might be that once the connection establishes it doesn't go through phases correctly.
EB.
by anonymous
  1. FritzBox has a static Public IP, while RUT240 is connected via WAN to a Asus Router with a Public Static IP. If I try to connect via LAN to the Asus Router, the VPN tunnel is estabilished correctly and I can ping my static remote address (192.168.188.202) - I've tried using Ubuntu, Windows and Android
  2. Accordingly to FritzBox owner, everything is allowed, otherwise I could not ping myself even on other platforms
  3. Nothing seems to change
  4. The IPSec Phase 1 and 2 Configurations are the same as in FritzBox
by anonymous
Could you please download and send me your troubleshoot file after you tried establishing an IPSec connection?

You can do that via private messages, just click on my profile name and you'll see the private message button.

EB.