0 votes
894 views 1 comments
by anonymous

Hello,

I am currently trying to establish an OpenVPN site-to-site connection between my RUT240 (client) and my pfSense (server).

I managed to establish a connection via TLS, but had the problem that I could not reach the devices behind the RUT240; I could, however, reach the devices behind the pfSense.

A user in this forum suggested switching to Shared Key, but I can't establish a connection that way.

Here is my configuration:

pfSense:

  • Server Mode: Peer to Peer (Shared Key)
  • Protocol: UDP on IPv4 only
  • Device Mode: tun
  • Interface: WAN
  • Port: 1205
  • Encryption Algorithm: AES-128-CBC (128 bit key, 128 bit block)
  • Auth digest Algorithm: SHA256 (256-bit)
  • IPv4 Tunnel Network: 10.160.0.0/24
  • IPv4 Remote network: 10.161.0.0/24
  • Compression: disabled
  • Keepalive 
    • Interval 10
    • timeout 60
  • Gateway creation: Both

RUT240 Firmware version 00.01.14.1:

  • Enabled: Checked
  • OpenVPN config from file: disabled
  • Tun/Tap: TUN
  • Protocol: UDP
  • Port: 1205
  • LZO: Unchecked
  • Remote host IP: <WAN IP of the pfsense router>
  • Resolve retry: infinite
  • Keep alive 10 60
  • Remote network ip: 10.100.0.0
  • remote network ip mask: 255.255.0.0
  • Authentication: Static Key
  • Encryption: AES-128-CBC 128
  • Local tunnel endpoint IP: 10.160.0.2
  • Remote tunnel endpoint IP: 10.160.0.1
  • Extra Options: none
  • Static pre-shared key: 2048 bit OpenVPN static key file

As mentioned in the other case, I have no option to configure the Auth Algorithm, and setting the algorithm to SHA1 is not an option by company policy.

Any help is appreciated.

by anonymous

I set "Auth digest Algorithm: SHA1 (160-bit)" and it connected.
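
The comment above is consistent with a digest mismatch: OpenVPN falls back to `auth SHA1` when no digest is configured, and the RUT240 form in the question exposes no digest field. As an added example (not code from the thread or from either vendor), this script compares the directives that must agree on both peers of a static-key tunnel; the config text is constructed from the settings listed in the question, the RUT240 running with the default digest is an assumption, and `203.0.113.10` is a placeholder.

```python
# Added example, not from the thread. Config text is constructed from the
# GUI settings listed in the question, not exported from either device.

# Value OpenVPN uses when a directive is absent (--auth defaults to SHA1).
DEFAULTS = {"auth": "SHA1"}
# Directives that must carry the same value on both peers.
MUST_MATCH = ("cipher", "auth")

PFSENSE = """
proto udp
lport 1205
ifconfig 10.160.0.1 10.160.0.2
cipher AES-128-CBC
auth SHA256
"""

# Assumption: the RUT240 form has no digest field, so no auth line is emitted.
RUT240 = """
proto udp
remote 203.0.113.10 1205  # placeholder for the pfSense WAN IP
ifconfig 10.160.0.2 10.160.0.1
cipher AES-128-CBC
"""


def parse(text):
    """Return {directive: [args]} for one config, ignoring # comments."""
    conf = {}
    for line in text.splitlines():
        words = line.split("#", 1)[0].split()
        if words:
            conf[words[0]] = words[1:]
    return conf


def effective(conf, key):
    """Value in force for key: configured, else OpenVPN's default."""
    return " ".join(conf.get(key, [DEFAULTS.get(key, "<unset>")])).upper()


def mismatches(a_text, b_text):
    """List settings on which the two peers disagree."""
    a, b = parse(a_text), parse(b_text)
    found = [f"{k}: {effective(a, k)} vs {effective(b, k)}"
             for k in MUST_MATCH if effective(a, k) != effective(b, k)]
    # Tunnel endpoints must mirror each other: A's local is B's remote.
    if a.get("ifconfig") != list(reversed(b.get("ifconfig", []))):
        found.append("ifconfig: endpoints are not mirrored")
    return found
```

Calling `mismatches(PFSENSE, RUT240)` reports the digest disagreement, and the list is empty once both sides carry the same `auth` value.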

1 Answer

0 votes
by anonymous
Hello,

Thank you for contacting us.

May I know if you have defined the LAN network of the RUT240 in your configuration on the server side? It needs to be allowed on the server side.

You have to add it in the ccd; further details can be found here:

https://openvpn.net/community-resources/how-to/

Thanks.

Regards,

Ahmed