WIKIABOUT

FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

Most popular tags

rut955 rut240 rut950 rutx11 rms vpn to openvpn wifi not sms trb140 firmware connection - ipsec on rutx12 rutx09 modbus
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.

Cannot access TRB140 via ssh or web UI over OpenVPN

0 votes
940 views 13 comments
by anonymous
Hello,

I am having troubles in connecting to TRB140 via either ssh or webUI over OpenVPN.

It says "connected" as a status and it gets an IP under the vpn, but I still can't seem to access it.

Any advice for something I may be missing out?

Thank you in advance

1 Answer

0 votes
by anonymous

Hi, 

By default RUT firewall blocks access to ports 22/80/443 when trying to access it from zone different than LAN.

Have you enabled remote access via System -> Administration -> Access control

If you have remote access enabled, generate troubleshoot file via System -> Administration -> Troubleshoot and PM it, I'll take a look.

by anonymous
Hello,

thank you for yuor answer. Remote access is enabled for both ssh and web UI.

I'm sending the troubleshoot file right now.

Thanks
by anonymous
I have same issue. I can setup openvpn connection but I cannot ssh nor telnet and remote ssh + telnet is enabled.
by anonymous

Hello,

please first try as Martynas mentioned above to enable remote access. Otherwise, if you are still having problems. Please attach the troubleshooting file to verify the configuration.

by anonymous
Remote ssh access is enabled I think issue is that firewall blocks ping + ssh over openvpn. I checked config but see only openpvn forwarding to lan, wan but other rules for ping + ssh over openvpn are not there so IMO it's blocked. Do you maybe have some example how to achieve that? Thanks.
by anonymous

file -> troubleshoot file

by anonymous
Hello,

I was checking the configuration and everything looks fine. However, it is possible that even if the client connects to the server for minutes, the connection drops and remains as "Connected". Could you please let me know what firmware version you are using. As well as send in a txt file the output to the following command by CLI "logread |grep openvpn". With that I have more information to help you.
by anonymous
I verified logread output and also tun0 interface is permamanent and stable. I used same openvpn config on laptop and can ping and ssh to it from. I cannot paste openvpn log here as it contains some company info. Can I send it via email? Thanks.
by anonymous
From what I understand, the problem is with configuring another router as a client, right? Since you were able to connect with the laptop client, the problem must be in your client router. Please double check that the configuration is the same on both routers. Can you see the interface on this permanent and stable one too?. Have you checked the firewall and traffic rules? Have you found enable ssh wan rule? Have you seen an option to select openvpn instead of wan source zone. What firmware version are you using? Upgrading to the latest version may help with this issue as well.
by anonymous
Nope. Problem is I have vpn client running on my linux PC + on Teltonika. Connection is stable and working on both devices. On server I want to ssh to client. I can ssh to my linux PC but not to Teltonika. As I wrote above I think issue is that opevpn connection don't have firewall rules for ping and ssh created (to be honest I don't know how to add them). Can I configure firewall on configuration page? I cannot find even in advanced mode. I'm sing FW version from 09.2021 TRB1_R_00.07.00.1 latest seems to be: TRB1_R_00.07.01.4
by anonymous

Correct. From Basic view you cannot configure the firewall to enable ssh over wan. To do this simply click on Basic mode and it will change to Advanced. Then you can review the rules by accessing via Network→Firewall→Traffic Rules. The ENABLE_SSH_WAN and ALLOW-OPENVPN-TRAFFIC options must be enabled. Here is a link with more information about the firewall configuration.

https://wiki.teltonika-networks.com/view/TRB140_Firewall#Traffic_Rules

You can also update your gateway firmware by going to https://wiki.teltonika-networks.com/view/Main_Page. Selecting the model of your gateway and then Firmware download. There you will also find the steps to follow to update it. It is always good to update it because each update fixes some past bugs. 

by anonymous
Both options are enabled I checked on webpage.
by anonymous
Have you tried updating the firmware? Although you say the interface is up and stable. Can you reach the virtual IP of the server? As I said, it is possible that the interface is up and stable but the vpn is not up as such.  Please, send me the logs to alvaro.navarro@teltonika.lt
by anonymous

Hello,

I was checking all the settings and options enabled. On the Teltonika router side everything is correct. I did some research on the common issues and found that it could be the configuration on your server. 

Here is a link with the same problem (Ping client to server, but fails to ping server to client). In this type of issue, although many times they say that it can be the firewall configuration. Enabling the remote access of ssh, http and telnet, is enough to access the router. In this case, it was verified that a route on the server to the client was wrong. It could be your case also. 

https://forums.openvpn.net/viewtopic.php?t=21487

https://serverfault.com/questions/422439/openvpn-server-cannot-ping-clients

On the other hand, I leave you how to configure the TLS clients on the server, so that it can access the clients through its virtual ip or LAN. 

https://wiki.teltonika-networks.com/view/OpenVPN_configuration_examples#Clients_from_Server