10879 questions

12962 answers

20220 comments

26087 members

0 votes
103 views 5 comments
by
I have RUT955 with FW vRUT9_R_00.07.01.4. RUT955 LAN IP is 192.168.1.5. I have configured the OpenVPN Client tunnel on TCP port 443 and its status got 'Connected'. I have up SIM2 connection and I can able to take RUT955 remotely on that SIM IP. Now I can tried to access my end device connected behind the RUT955 LAN but it's not yet accessible for me.

How can I make it accessible? Attached a backup file & Troubleshoot file of my RUT955 device.

1 Answer

0 votes
by

Hello, 

I think you are missing some files in the troubleshooting file. However, from the ones you sent I can see that the OpenVPN interface is not created. Can you first make sure that the interface is created correctly and that there is connectivity between the client and RUT955 (OpenVPN IP connectivity). 

On the other hand, you must access your RUT955 through the SIM IP because it must be public. However, this does not guarantee your connectivity to the end controller. You can access it if you configure a Port Forwarding with the public IP and the controller IP. Here is a link on how to configure a Port Forwarding. 

https://wiki.teltonika-networks.com/view/RUT955_Firewall#Port_Forwards

I still imagine you want to do it through OpenVPN to make the connection secure. As I said before, first verify that there is connectivity between the client and the RUT955. Then when this connection exists, you can add a static route from OpenVPN to the LAN of your RUT955. There you will be able to have access from any client. 

Best answer
by
Thanks for the reply. Here I'm performing 2 OpenVPN connections: OpenVPN as server & OpenVPN as Client.

To configure RUT955 as the OpenVPN server, Do I really need a public IP on WAN or not? - waiting for your answer. Meanwhile, let's put this case on hold.

I have disabled the WAN interface as of now & also disabled the OpenVPN server tunnel. Then I make an OpenVPN client tunnel to configure RUT955 as an OpenVPN client. Tunnel status shows me 'Connected'. For this, I'm using the Mobile SIM2 interface. I got a SIM IP (static) & with that IP I can able to take RUT966 remotely after connecting the OpenVPN config file from the OpenVPN Connect tool. I have done port forwarding with SIM IP from port to my destination device IP But no luck. I'm not able to reach my end device. Can you please guide me for this configuration of port forwarding? We can connect on Zoom meeting to see the issue.
by
Hello,

For a remote session, you will need a Teltonika VIP Helpdesk account. For this, you will need to contact your Sales Manager. On the other hand, I can try to replicate your configuration on my devices to help you.

You need a public IP on the WAN interface of the OpenVPN server. Otherwise, you will not be able to establish the tunnel.

From what you explain in your configuration. It seems that you can access the RUT966 by IP of the OpenVPN server. Can you show me how you did the port forwarding configuration? Maybe there must be something wrong configured. Can you send me the updated troubleshooting file as well as the backup? This is to verify that the created interface is correctly connected.
by
Here is the Backup & Troubleshoot file. (backup-Teltonika-RUT955.com-2022-05-20.tar) & (troubleshoot-Teltonika-RUT955.com-2022-05-20.tar) Also Attached the "ExposeHMI Port forwarding.png" that shows my port forward configuration.

I have disabled the OpenVPN Server tunnel as of now. Now only my OpenVPN Client tunnel up & status is connected.

SIM Static IP I got as 10.0.1.190 on which able to take RUT955 remotely.

I have done port forwarding from 10.0.1.190 on external port 81 to my end device IP 192.168.1.6 on port 80 but when I tried to access 10.0.1.190:81 from the browser it was not redirected to my device IP.
by

Hey, 

Well, there must be some confusion. I say this because IP 10.0.1.190 is not a public IP. However, I see that you have a public IP 122.186.183.49. I also see that you have a route to IP 10.0.1.190 from 122.186.183.49. I believe that for this reason, you can access the IP of the SIM. 

You should be able to access the final device through the public IP 122.186.183.49:81 by port forwarding. Otherwise, you can try bridging the eth0 interface to brlan. This is because on the eth0 interface you have the public IP. To do this you can go to Network→Interfaces, select the LAN interface and go to the Physical settings option. Activate the bridge option and choose these two interfaces. Otherwise, you can add a static route. You can ssh into the device and type the route like this IP route add 192.168.1.0/24 via 122.186.183.49. This way you could have access from any client. 

by
Hi Again,

Yes, you are right, As I have public IP on my WAN, That's why my OpenVPN Client tunnel status got connected before.

I have removed the WAN connection from Ethernet and provided the connection from Mobile itself (sim). Then I got an IP of my SIM on WAN but I checked the status of my OpenVPN Client tunnel and it got Disconnected. How can I make this tunnel up? What should I do? I have ".opvn" profile of my server with me. Can you guide me on that?

NOTE: From PublicIP I have tried to access my end device by doing port forwarding and it got accessible for me. But I don't want it from Public IP. I want to access it from a VPN tunnel.

I have removed the public IP of Ethernet (122.186.183.49) from the device WAN interface. Now I got an IP of SIM which is 10.0.1.190. I have OpenVPN Profile with me.