10933 questions

13039 answers

20334 comments

27478 members

0 votes
692 views 1 comments
by
Hi to all!
Is there a way to export VPN client configuration file from RUT230/RUT955?
I'm using following configuration for VPN client on RUT230/RUT955:

TUN/TAP = TUN
Protocol = TCP
Port = 8974
LZO = no
Authentication = TLS/Password
Encryption = AES-128-CBC-128
TLS cipher = All
Remote host = x.x.x.x
Resolve retry = infinite
Keep alive = 30 300

HMAC authentication = SHA1
Additional HMAC = none
Username = ***
Password = ***
Private key = ****
Certificates: CA.crt, client1.crt, client1.key

I can connect to OpenVPN server.

Now, I move same certificates on different client where I write configuration file:

client
cipher AES-128-CBC
dev tun
port 8974
proto tcp-client
remote x.x.x.x
resolv-retry infinite
keepalive 30 300
nobind
remote-cert-tls server
ca /etc/openvpn/CA.crt
cert /etc/openvpn/client1.crt
key /etc/openvpn/client1.key
persist-key
persist-tun
verb 0
reneg-sec 0
auth-user-pass /etc/openvpn/login.conf
askpass /etc/openvpn/keypass
#log-append /var/log/openvpn.log
auth-nocache

Not working (I already checked login.conf and keypass files).
Which is equivalent client configuration for Teltonika?
Thanks.

1 Answer

0 votes
by
Hi,

Unfortunately, our OpenVPN service can only import .ovpn configuration files and take what it needs from them, exporting them from our router as .ovpn file is not possible as there is no developed feature for that. I believe you could do that with third-party packages, but I do not know any specific one for this task.

What I would suggest is to take a look at the /etc/config/openvpn file where we import the data and use it for the service. So if you would ever want to use the config on another Teltonika router you would have to either copy the /etc/config/openvpn file or have a .ovpn configuration file prepared for importing.

EB.
by
After several tests, using same certificates on RUT230, RUT955 and Ubuntu, I found this:

RUT230 and RUT955 always connecting to OpenVPN server.
Ubuntu client connecting only removing "remote-cert-tls server".
So I suppose Teltonika configuration won't use this option. May you confirm this? Or trouble would be somewhere else?
Thanks.