FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
2,446 views 4 comments
by anonymous
Hello,

i have 3 RUT240 in 3 different locations, is it possible to bridge all of them with TAP configuration?

I already have two of them working in TAP but my third router doesn't connect

4 Answers

0 votes
by anonymous

So to summarize it after updating all routers to latest firmware (RUT2XX_R_00.01.06.1) and deleting "list _extra 'admin'" from the config files of the clients everything is working as it should.

OpenVPN bridge with more than two endpoints is working !!!!

Thank you all for your support

Best answer
0 votes
by anonymous
Hi,

I have tested the scenario you described and it seems to be a bug in our current firmware. Sorry for the inconvenience and we will try to fix this in our next release.
by
Hi, thank you for the information.

Is there a time estimation about the next release?

Could you give me more information about the bug you discovered?
0 votes
by anonymous

Hello,

Yes, it is possible to connect multiple devices to one OpenVPN TAP Server and have all your devices in "one LAN". Just take note that in this case all devices must be in the same network (e.g. default 192.168.1.0/24) and have different IP address (e.g. 192.168.1.1, 192.168.1.2 and 192.168.1.3).

If there are no IP conflicts in your network and if your OpenVPN certificates were built correctly (so that both "client certificates" could connect to same server), everything should be working. Just take note, that by default "client to client" communication between OpenVPN clients are not enabled. To enabled it, simply select "Client to client" checkbox in your OpenVPN server's configuration.

by
Hi, all devices are on the same network and all of them have different IP addresses. The clients connect one at a time but not both at the same time, so certificates must be OK (each client has different certificate). I suppose it is the bug stated in the first reply.
0 votes
by anonymous

Hello again,

after updating all routers to latest firmware (RUT2XX_R_00.01.06.1) i was unable to connect them with VPN.
i think that GUI passes something wrong to config file (last option on client setup always auto completed with router password even if i delete it)

Here are my config files (got them with shh on each router, /etc/config/openvpn)

Any ideas?

Server:
config webui 'webui'
        option _auth 'tls'
 
config openvpn '7365727665725F454F58'
        option persist_key '1'
        option port '1194'
        option keepalive '10 120'
        option name_is_hexed '1'
        option verb '5'
        option client_config_dir '/etc/openvpn/ccd'
        option server_bridge 'nogw'
        option mode 'server'
        option dev 'tap'
        option proto 'tcp-server'
        option comp_lzo 'yes'
        option cipher 'BF-CBC'
        option _auth 'tls'
        option _tls_cipher 'all'
        option ca '/lib/uci/upload/cbid.openvpn.7365727665725F454F58.ca'
        option cert '/lib/uci/upload/cbid.openvpn.7365727665725F454F58.cert'
        option key '/lib/uci/upload/cbid.openvpn.7365727665725F454F58.key'
        option dh '/lib/uci/upload/cbid.openvpn.7365727665725F454F58.dh'
        option enable '1'

Client1:
config webui 'webui'
        option _auth 'tls'
 
config openvpn '636C69656E745F53504F5431'
        option persist_key '1'
        option port '1194'
        option name_is_hexed '1'
        option verb '5'
        option nobind '1'
        option client '1'
        option enable '1'
        option dev 'tap'
        option proto 'tcp-client'
        option comp_lzo 'yes'
        option cipher 'BF-CBC'
        option _auth 'tls'
        option _tls_cipher 'all'
        option remote '10.21.4.10'
        option resolv_retry 'infinite'
        option keepalive '10 120'
        list _extra 'admin'
        option auth 'sha1'
        option _tls_auth '0'
        option ca '/lib/uci/upload/cbid.openvpn.636C69656E745F53504F5431.ca'
        option cert '/lib/uci/upload/cbid.openvpn.636C69656E745F53504F5431.cert'
        option key '/lib/uci/upload/cbid.openvpn.636C69656E745F53504F5431.key'

Client2:
config webui 'webui'
        option _auth 'tls'
 
config openvpn '636C69656E745F53504F543132'
        option persist_key '1'
        option port '1194'
        option name_is_hexed '1'
        option verb '5'
        option nobind '1'
        option client '1'
        option enable '1'
        option dev 'tap'
        option proto 'tcp-client'
        option comp_lzo 'yes'
        option cipher 'BF-CBC'
        option _auth 'tls'
        option _tls_cipher 'all'
        option remote '10.21.4.10'
        option resolv_retry 'infinite'
        option keepalive '10 120'
        list _extra 'admin'
        option auth 'sha1'
        option _tls_auth '0'
        option ca '/lib/uci/upload/cbid.openvpn.636C69656E745F53504F543132.ca'
        option cert '/lib/uci/upload/cbid.openvpn.636C69656E745F53504F543132.cert'
        option key '/lib/uci/upload/cbid.openvpn.636C69656E745F53504F543132.key'

Server has no error on the log but both client have,

Client1 log:
root@RUT240YMCA:~# /etc/init.d/openvpn restart
root@RUT240YMCA:~# logread -f
Thu Mar 21 23:03:59 2019 daemon.err openvpn(636C69656E745F53504F5431)[19793]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-636C69656E745F53504F5431.conf:17: admin (2.4.5)
Thu Mar 21 23:03:59 2019 daemon.warn openvpn(636C69656E745F53504F5431)[19793]: Use --help for more information.
Thu Mar 21 23:04:04 2019 daemon.err openvpn(636C69656E745F53504F5431)[19812]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-636C69656E745F53504F5431.conf:17: admin (2.4.5)
Thu Mar 21 23:04:04 2019 daemon.warn openvpn(636C69656E745F53504F5431)[19812]: Use --help for more information.
Thu Mar 21 23:04:09 2019 daemon.err openvpn(636C69656E745F53504F5431)[19829]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-636C69656E745F53504F5431.conf:17: admin (2.4.5)
Thu Mar 21 23:04:09 2019 daemon.warn openvpn(636C69656E745F53504F5431)[19829]: Use --help for more information.
Thu Mar 21 23:04:14 2019 daemon.err openvpn(636C69656E745F53504F5431)[19848]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-636C69656E745F53504F5431.conf:17: admin (2.4.5)
Thu Mar 21 23:04:14 2019 daemon.warn openvpn(636C69656E745F53504F5431)[19848]: Use --help for more information.
Thu Mar 21 23:04:14 2019 daemon.info procd: Instance openvpn::636C69656E745F53504F5431 s in a crash loop 6 crashes, 0 seconds since last crash

Client2 log:
root@RUT240DIKA:~# /etc/init.d/openvpn restart
root@RUT240DIKA:~# logread -f
Fri Mar 22 15:06:27 2019 daemon.err openvpn(636C69656E745F53504F543132)[7725]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-636C69656E745F53504F543132.conf:17: admin (2.4.5)
Fri Mar 22 15:06:27 2019 daemon.warn openvpn(636C69656E745F53504F543132)[7725]: Use --help for more information.
Fri Mar 22 15:06:32 2019 daemon.err openvpn(636C69656E745F53504F543132)[7755]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-636C69656E745F53504F543132.conf:17: admin (2.4.5)
Fri Mar 22 15:06:32 2019 daemon.warn openvpn(636C69656E745F53504F543132)[7755]: Use --help for more information.
Fri Mar 22 15:06:37 2019 daemon.err openvpn(636C69656E745F53504F543132)[7774]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-636C69656E745F53504F543132.conf:17: admin (2.4.5)
Fri Mar 22 15:06:37 2019 daemon.warn openvpn(636C69656E745F53504F543132)[7774]: Use --help for more information.
Fri Mar 22 15:06:42 2019 daemon.err openvpn(636C69656E745F53504F543132)[7793]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-636C69656E745F53504F543132.conf:17: admin (2.4.5)
Fri Mar 22 15:06:42 2019 daemon.warn openvpn(636C69656E745F53504F543132)[7793]: Use --help for more information.
Fri Mar 22 15:06:47 2019 daemon.err openvpn(636C69656E745F53504F543132)[7817]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-636C69656E745F53504F543132.conf:17: admin (2.4.5)
Fri Mar 22 15:06:47 2019 daemon.warn openvpn(636C69656E745F53504F543132)[7817]: Use --help for more information.
Fri Mar 22 15:06:47 2019 daemon.info procd: Instance openvpn::636C69656E745F53504F543132 s in a crash loop 6 crashes, 0 seconds since last crash

by anonymous

Hi, 

Try to delete this one:   list _extra 'admin'

by anonymous
Perfect, this worked

thank you for the help