FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
1,069 views 4 comments
by anonymous

Hello,

Since i can’t get a public IP with a SIM card for a reasonable cost (my ISP assigning to RUT240 a private IP like 10.xxx.xxx.xxx), I want to setup ProtonVPN in RUT 240 router, in order to allow communications between my LAN equipment and its remote WAN server.

I followed this guide from ProtonVPN : https://protonvpn.com/support/how-to-set-up-protonvpn-on-openwrt-routers/

Step 2 tell me to upload an OPVN OpenVPN config file in RUT240.

In addition, I followed steps from Teltonika Networks Wiki which explains how to set up ExpressVPN VPN connection using RUT9xx routers https://wiki.teltonika-networks.com/view/RUT9xx_ExpressVPN_configuration_example#Prerequisites

So, i added a new OpenVPN configuration called in this example « ProtVPNL01 », i edited it, i checked « Enable OpenVPN Config from file » box, i uploaded the ProtonVPN OPVN config file, i checked « Upload OpenVPN authentication files », i set “Authentication to Password” , i write a ProtonVPN OpenVPN username and password (printscreen 1 below, OpenVPN Instance : « ProtVPNL01 »).

I saved the « ProtVPNL01 » OpenVPN instance. No error. But the OpenVPN configuration section showed « Not Available » value for « TUN/TAP », « Protocol » and « Port » parameters (printscreen 2 below, OpenVPN configuration).

It seems that RUT240 don’t upload or read correctly the ProtonVPN OVPN config file (here attached).

Note : I run this test with no SIM Card and no WAN active connection, but it doesn’t seem to be the cause of the detailed problem.

Question 1 : Why RUT240 don’t upload or read correctly the ProtonVPN OVPN config file ? Is there something wrong with the content of the OPVN config file, with my settings, or with RUT240 ?

Question 2 : What should I do to upload correctly ProtonVPN OVPN config file ?

Thanks for your support,

by anonymous

Hello,
The same situation with my RUT950. Use latest firmware RUT9XX_R_00.06.08.2

In Logs there are next strings:
1.  daemon.warn openvpn(client_ProtVPN)[4508]: DEPRECATED OPTION: --cipher set to '
AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore
 --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC'
to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.

(If "cipher AES-256-CBC" change to "cipher AES-256-GCM" it seems to be good and warning disapear)

2. daemon.err openvpn(client_ProtVPN)[4508]: neither stdin nor stderr are a tty device
and you have neither a controlling tty nor systemd - can't ask for 'Enter Auth Username:'.  If you
used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --a
uth-nocache.

Below part of .ovpn file without certificates and key:

client
dev tun
proto udp

remote 185.159.157.19 443
remote 185.159.157.19 5060
remote 185.159.157.19 1194
remote 185.159.157.19 80
remote 185.159.157.19 4569

remote-random
resolv-retry infinite
nobind

# The following setting is only needed for old OpenVPN clients compatibility. New clients
# automatically negotiate the optimal cipher.
cipher AES-256-CBC

auth SHA512
verb 3

setenv CLIENT_CERT 0
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun

reneg-sec 0

remote-cert-tls server
auth-user-pass
pull
fast-io



And as result: daemon.notice openvpn(client_ProtVPN)[4508]: Exiting due to fatal error  

Can anybody help how to correct that error?

Thanks in advance.

1 Answer

0 votes
by anonymous
Hello,

Thank you for contacting.

May i know what is the firmware on the device ?

Did you tried on the latest ?

https://wiki.teltonika-networks.com/view/RUT240_Firmware_Downloads

Thanks

Regards,

Ahmed
by anonymous
Hello,
I use the latest FW RUT2XX_R_00.01.14 that i uploaded in April in RUT240.
I don't use the factory FW RUT2XX_R_00.01.14 that have been available on your website at the end of may, or beginning of June.
But it seems they are the identical because their Changelog date are the same.
Thanks for your support,
by anonymous

Hello,

For the webui part you will not be able to see this info in webui because you are uploading file. 

You can see that by checking /etc/config/openvpn.

 also since option Upload authentication files is chosen, but only password, username is entered, while no files were uploaded my guess would be it fails somewhere during authentication. 

You can download troubleshoot file in System>Administration>Troubleshoot.

by anonymous
Hello,

Thanks for your support Ahmed.

Indeed, i uploaded the ProtonVPN OPVN config file, and then the OpenVPN configuration section showed « Not Available » value for « TUN/TAP », « Protocol » and « Port » parameters.

However, with steps described on Jun 2, VPN connection of RUT240 to ProtonVPN servers works well. I got IP from ProtonVPN servers (https://ipleak.net/ check). Nothing else needed.