FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

12622 questions

14984 answers

23972 comments

46796 members

0 votes
77 views 3 comments
by

Hi,

I am looking to upgrade all of our RUT955 to firmware 7.02.7. Our install base is a mix of 6.06, 6.07 and 6.08. On the first device I updated to 7.02.7, I am experiencing issues with OpenVPN (client). The server is not able to reach the client and vice versa. 

Running an ip route on the 7.02.7 device, I see that the remote OpenVPN network, 10.2.13.0/24, is accessible through WWAN0 instead of the OpenVPN client tun_newClient. When I perform a ping towards the 10.2.13.0 network from the OpenVPN server, I can see the requests coming through on the Teltonika (using tcpdump).

root@Teltonika-RUT955-7-2:~# ip route
default dev wwan0 proto static scope link src 10.254.254.33 metric 1
10.2.13.0/24 via 10.2.13.1 dev wwan0
10.208.11.0/24 dev br-lan proto static scope link metric 2
10.254.254.33 dev wwan0 proto static scope link metric 1

I checked the ip route on the 6.06.1 device and I can see the network 10.2.13.0/24 is routed correctly. It is accessible through tun_c_newClient and not WWAN0.

root@Teltonika-RUT955-6-7:~# ip route
default via 10.254.254.40 dev wwan0  proto static  src 10.254.254.39
10.2.13.0/24 via 10.2.13.1 dev tun_c_newClient
10.2.13.0/24 dev tun_c_newClient  proto kernel  scope link  src 10.2.13.11
10.254.254.32/28 dev wwan0  proto kernel  scope link  src 10.254.254.39
10.254.254.40 dev wwan0  proto static  scope link  src 10.254.254.39

Am I missing something on the new firmware or do I need to configure something extra to update the routing table correctly on 7.02.7? The OpenVPN client on the 7.02.7 device is connected and also visible as a client on the OpenVPN server.

EDIT : updated initial question and added troubleshooting logs

Kind regards,
Tom

1 Answer

0 votes
by

Hello,

It is difficult to estimate from the few details you have provided. It does seem, however, that the tunnel is not established at all.

I would like you to attach troubleshoot files to your question from both 6.7 and 7.2 devices, to compare their configurations and logs regarding tunnel establishment. Please, replicate configuration, make sure the issue is present in the device, then access router's WebUI, go to System -> Administration -> Troubleshoot section and download troubleshoot file from there. 

Files are private and visible only to Teltonika Moderators.

Best regards,

Best answer
by
I uploaded the files and edited my question a bit.
I ran pings towards both devices from the OpenVPN server (10.2.13.1) between 14:30 and 14:45.
From what I can see, the OpenVPN route is not being added as reachable through the OpenVPN tunnel, but reachable through WWAN0.
by

Hello,

Server is pushing several options to client, which are already configured, thus a couple of them seem to be redundant in client configuration.

Could you please access client's configuration page and remove remote network ip address and remote network subnet mask options and check routes.

by

Ahaa! That solved the issue. I removed the remote network ip address and remote network subnet mask and now the ip route shows the correct interfaces. In the 6.x firmware we always configured the remote network and that worked fine.