WIKIABOUT

FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

Most popular tags

rut955 rut240 rut950 rutx11 rms vpn to openvpn wifi not sms trb140 firmware connection - ipsec on rutx12 rutx09 modbus
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.

RUT95x as OpenVPN Server with IP Static Clients

0 votes
397 views 2 comments
by anonymous

Hi,

I have configured a RUT955 as OpenVPN server, and I would like the other RUT95x (and PC) that will connect as Client to have a static virtual IP address.

But despite having loaded the CCD file in server, I am assigned another IP (10.10.10.6), how can I solve?

This is the contents of the CCD (which is named as the client certificate):

ifconfig-push 10.10.10.2 255.255.255.0

And this is the one from server.conf:

config openvpn 'server_vpn'

option persist_key '1'

option port '1194'

option keepalive '10 120'

option dev 'tun_s_vpn'

option verb '5'

option _role 'server'

option proto 'udp'

option comp_lzo 'yes'

option _auth 'tls'

option cipher 'BF-CBC'

option _tls_cipher 'all'

option auth 'sha1'

option _tls_auth 'none'

option ca '/lib/uci/upload/cbid.openvpn.server_vpn.ca'

option cert '/lib/uci/upload/cbid.openvpn.server_vpn.cert'

option key '/lib/uci/upload/cbid.openvpn.server_vpn.key'

option dh '/lib/uci/upload/cbid.openvpn.server_vpn.dh'

option server '10.10.10.0 255.255.255.0'

option enable '1'

option enable_ccd '1'

option client_config_dir '/etc/openvpn/ccd'

option client_to_client '1'

Thanks

1 Answer

0 votes
by anonymous

Hello,

To accomplish this, we can use the TLS Clients function. TLS Clients are a way to more specifically differentiate Clients by their Common Name (CN) found in the client certificate file. It can be used to assign specific VPN addresses to specific Clients and bind them to their LAN addresses so that other devices in the Client‘s LAN can be reached from the Server.  More information can be found on our wiki guide: https://wiki.teltonika-networks.com/view/OpenVPN_configuration_examples#Clients_from_Server

Regards.

by anonymous

Thanks for reply,

I had already tried, but while putting (like the example)

Virtual Local Endpoint 10.10.10.12

Virtual Remote Endpoint 10.10.10.11

if I try to connect from the Client it gives me this error

There is a problem in your selection of --ifconfig endpoints [local=10.10.10.12, remote=10.10.10.11].  The local and remote VPN endpoints must exist within the same 255.255.255.252 subnet.

I didn't understand what he would like in the Private network field, I don't know the local IP of the Client, and I don't want the client subnet in vpn.

Thanks

by anonymous
Hello,

Could you post your client configuration too, I will try to simulate your configs.

Regards.