FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
525 views 8 comments
by anonymous
We have Problems establishing tunnels if the PSK contains special characters like "§".

It occours only if the PSK is enterd via the GUI.

I did a Workaround: I manipulate /etc/config/ipsec file with an editor and the tunnel esteblishes.

I guess there is a problem converting strings with special characters to hex if enterd in GUI.
by anonymous
Is the device you are creating a tunnel to is another RUT?

What changes do you perform in the config file?
by anonymous

- The remote host is a Fortinet Fortigate 101E. We have many RUT230 and 240 with older Firmware connecting to it as a Dialup VPN. The RUT 241 was the first device that can´t create a tunnel. Logs in the Fortigate showed a PSK mismatch.

- The Secret entered in the GUI was stored in HEX in the config file /etc/config/ipsec.

option secret          '0xFFFF123FFF'

i changed it to:

option secret          'ThisIsAnExampleforAPSKString'

I did an IPsec restart and the Tunnel established immediately.

by anonymous

I assume your other devices have legacy design firmware with versions starting RUT2XX_R_00.01.14.x and it does not occur on RUT2_R_00.07.xx firmwares? 

Have you tested any other special characters or is it just "§"?

by anonymous

-  Yes the other Devices have legacy design firmware: RUT2XX_R_00.01.14.4

- I did not update RUT230 & RUT240 to the new design firmware yet. So i can´t say if it occurs on RUT2_R_00.07.xx. At the moment i am a little afraid, the VPN will not establish after update.

- this are the special characters in the PSK:        §}_{>;&%$+<?}#~,

by anonymous
I was not able to establish a tunnel using "§" as well. The issue is forwarded to the development team to investigate.

Thank you for the information you have provided.
by anonymous
Hello,

Out of all these symbols §}_{>;&%$+<?}#~, the issue is reproducible only with §.

Solution is currently scheduled for 7.4 firmware, which will not happen anytime soon.

In the mean time, the suggestion is to remain on the legacy WebUI firmware or simply avoid the use of §.

Best regards,
by anonymous
Hello,

is this Bug fixed in the latest firmware for RUT230, RUT240 and RUT241 (RUT2M_R_00.07.04.2 and  RUT2_R_00.07.04.2)?

Best regards
by anonymous
Internal system shows, that the solution for this is marked to be included in 7.5 version, which is currently planned to be released by the end of May.

However, I have just tested an IPsec tunnel between a legacy firmware and 7.04.2 devices, with pre-shared key containing § and the tunnel was successfully established, devices were able to ping each other.

I suggest to try it out.

Best regards

1 Answer

0 votes
by anonymous

Hello,

I would like you to attach a troubleshoot file to your question. It would help to analyze the issue and provide a solution. Please, replicate the issue, then access router's WebUI, go to System -> Administration > Troubleshoot section and download troubleshoot file from there.

Files are private and visible only to Teltonika Moderators.

Best regards,