FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
554 views 2 comments
by anonymous
I have OpenVPN sewer and some clients.

I made TLS Client setting so i can connect to all of them.

But one of client has 2 subnets: 192.168.31.0/24 and 192.168.32.0/24- at client RUT950 second subnet is as Alias IP.

In TLS Client setting i can set only one subnet. i was tying set static Route but it is possible only to OpenVPN network, but server dont know to which client  route should be done at next hop.

So network 192.168.31.0 is pinging ok, but network  192.168.32.0 not.

is it possible to make second route path in one TLS client ?

I tryed to make this manualy by CLI command but after OpenVPN restart file was overwrited:

1 Answer

0 votes
by anonymous

Hello,

To associate 2 subnets with a single TLS client, you will need to make some changes via SSH.

First, configure OpenVPN server and its TLS clients via WebUI. I will put some images for reference.

Next, you will need to create a 'client' file on the server where you will put the associated routes with the client (I will use 'client3' throughout this configuration). You will need to create and edit the file in '/etc/config' folder.

Connect to the device via SSH and execute the following commands:

  • mkdir /etc/config/ccd
  • touch /etc/config/ccd/client3
  • vi /etc/config/ccd/client3

You will enter the text editor. Press 'i' to start editing. You can navigate with arrow keys. Paste the following lines, but change the IP networks (192.168.25.0/24 and 192.168.35.0/24) to your own (192.168.31.0/24 and 192.168.32.0/24). Also, change the tunnel IP addresses (10.0.0.x) to the ones you use:

ifconfig-push 10.0.0.35 10.0.0.1

ifconfig-push 10.0.0.25 10.0.0.1

iroute 192.168.25.0 255.255.255.0

iroute 192.168.35.0 255.255.255.0

push "route 192.168.25.0 255.255.255.0"

push "route 192.168.35.0 255.255.255.0"

To save and exit the editor, press 'esc' button, then type ':wq' and press enter.

Next, you will have to edit OpenVPN configuration file: 

  • vi /etc/config/openvpn

You will enter the text editor again. Find the following line:

  • option client_config_dir '/etc/openvpn/ccd'

Replace this line (directory path) with:

  • option client_config_dir '/etc/config/ccd'

Save the changes and exit editor.

Restart OpenVPN service via the following command:

  • /etc/init.d/openvpn restart

Everything should work now.

Kind Regards,

Andzej

by anonymous

Hello

I did according to your instructions. Unfortunately, every time I restart openVPN, the client file is overwritten according to the last entry in the configuration file /etc/config/openvpn

"root@Teltonika-RUT950:/# cat /etc/config/ccd/rclient03
--ifconfig-push 192.168.102.7 192.168.102.8
--iroute 192.168.32.0 255.255.255.0
--push route 192.168.202.0 255.255.255.0
root@Teltonika-RUT950:/# vi /etc/config/ccd/rclient03
root@Teltonika-RUT950:/# cat /etc/config/ccd/rclient03
ifconfig-push 192.168.102.7 192.168.102.8
ifconfig-push 192.168.102.107 192.168.102.8
iroute 192.168.31.0 255.255.255.0
iroute 192.168.32.0 255.255.255.0
push route 192.168.202.0 255.255.255.0
root@Teltonika-RUT950:/# /etc/init.d/openvpn restart
root@Teltonika-RUT950:/# cat /etc/config/ccd/rclient03
--ifconfig-push 192.168.102.7 192.168.102.8
--iroute 192.168.32.0 255.255.255.0
--push route 192.168.202.0 255.255.255.0
"

Config client files  (Part):


config client
        option sname 'server_Inster02'
        option ept_name 'lixa_a_b'
        option cn 'rclient03'
        option lip '192.168.102.7'
        option rip '192.168.102.8'
        option pip '192.168.31.0'
        option pnm '255.255.255.0'

config client
        option sname 'server_Inster02'
        option ept_name 'lixa_a_b'
        option lip '192.168.102.7'
        option rip '192.168.102.8'
        option pip '192.168.32.0'
        option pnm '255.255.255.0'
        option cn 'rclient03'

and finaly its only 192.168.32.0 network accesible


My device is RUT 955 Firmware RUT9XX_R_00.06.09.02

by anonymous
Hi,

Is there a reason why you are using 6.09.02 version and not the latest one?

I've tested this on the latest firmware version. The default file was overwritten when the OpenVPN is restarted, so that is why I created a separate file and specified a path to it. This way, the new file is not overwritten. I am not sure about the 6.09.02 version, have not tried this configuration on it.

Kind Regards,

Andzej