FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
480 views 23 comments
by anonymous
When wired LAN connection from the PC everythig works fine. But when i activate openVPN in trb140 software, it stops conneting to lan devices connected to the router. Via openVPN tunnel i can only ping or acces the router, not the lan connected divice.

2 Answers

0 votes
by anonymous
Hello,

Is your TRB device configured as a server or a client?

Could you provide a topology of your network and details of your configuration?

Best regards,
by anonymous
nothing helped. new troubleshoot file added for you to see
by anonymous
now i don't see device in ARPsection status Routes, ip and mac adress was shown before, now nothing.
by anonymous

Since your server's LAN is now 192.168.2.1, push option should be route 192.168.2.0 255.255.255.0.

by anonymous
done, still no acces to lan via OpenVPN
by anonymous
i can't eaven ping the router from lan connected m251 controller software, when openVPN is on, when its off the ping returns.
0 votes
by anonymous
tried setting everything once again, still not working
by anonymous

I have tried to replicate a similar case, but instead of m251 controller, I used a raspberry pi as a client conncted to server's LAN. Here's a summary of my topology:
 

Raspberry pi (192.168.2.145, DHCP) <-> RUTX11(OVPN Server, 192.168.2.1) <-> Internet <-> RUT955 (OVPN client, 192.168.1.1) <-> Win10 laptop (192.168.1.155, DHCP)

Below are the configurations of client and server devices. Try to create new server and client instances and configure accordingly:

  • Server (LAN IP 192.168.2.1)

  • Client (LAN IP 192.168.1.1)

No TLS client configuration is needed from server's side. With this configuration I was able to ssh into the raspberry PI from Win10 laptop.

Also, your gateway is being heavily tried to be accessed from various IPs around the world, there is quite a list of already blocked IPs with 10 failed login attempts. Please modify HTTP and SSH WAN traffic rules in Network -> Firewall -> Traffic rules, to accept access only from certain public IPs or devices by entering their MAC addresses to improve your network security.

by anonymous
i will try this config. I will block http acces at all when OpenVpn tunnel starts working properly.
by anonymous
still i can not ping LAN connected device, i replicated your settings.

 PC(192.168.1.10)----trb140(192.168.2.1)-----internet----- Pc(10.0.0.10)
by anonymous

If PC(192.168.1.10) is connected to TRB LAN port, it must be in a different subnet 192.168.2.10. If 192.168.1.10 is a static lease, then TRB's LAN IP must be 192.168.1.1. 

The Pc(10.0.0.10) should have a different IP, for example 192.168.x.10. Change x with anything other than 1 or 2. 10.0.0.0 is a virtual subnet used for VPN communication. It must not overlap with the actual subnets assigned to physical device interfaces.

Example topology could look like this:

 PC(192.168.2.10)----trb140(192.168.2.1)-----internet----- Pc(192.168.10.10)

by anonymous

 192.168.1.10 is a static lease, then TRB's LAN IP must be 192.168.1.1 ----- now it is so

PC(192.168.1.10)----trb140(192.168.1.1)-----internet----- Pc(192.168.4.1)

no ping at 192.168.1.10 request timeout

now trb(192.168.1.1) gets VPNtunnel ip10.0.0.6 as a client not server, server gets ip 10.0.0.1 and its unreacheble

succes is the device appeared in arp section

by anonymous

Replace push option in server's config with the following: 

  • route 192.168.1.0 255.255.255.0

After saving the settings, restart OpenVPN on both, server and client sides.

If it still does not work, send another troubleshoot.              

by anonymous
still nothing. i upload troubleshoot file
by anonymous
Please delete client configuration instance on TRB device.

Could you also show .ovpn client configuration file from your PC?
by anonymous

client config delated. this is my client.ovpn file

by anonymous
is it ok? or maybe there is my problem?
by anonymous
Please help. Still no clue. i need this working
by anonymous

Got it. Everything works fine now. Problem was port forwording. I did it "upside down" this is why it dident worked.

It should be forworded from openvpn to Lan. My setting was from Lan to OpenVpn.