0 votes
145 views 3 comments
by anonymous
I have an RUTX50 set up with DDNS and OpenVPN. DDNS is working fine and the OpenVPN server also. I can connect over the internet. But I can't connect to the devices behind the RUTX50. The pushed route is typed in correctly, I guess, and I didn't touch the firewall. But it isn't working. I can't even ping the router/server (10.10.0.1) itself. On Android clients everything works fine; I can ping and connect to clients behind the server. Of course: on the Windows 10 clients the firewall is deactivated. I have no idea....

OpenVPN Server -- Virtual-Network: 10.10.0.0 255.255.255.0; route 192.168.0.0 255.255.255.0

Log-Client: TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up --> so why not even pinging the RUTX50?!?!

1 Answer

0 votes
by anonymous

Hello,

  

In order to better understand the issue, I'd like you to replicate the issue and generate a troubleshoot file on the router. This can be done by navigating to System → Administration → Troubleshoot. The file can be attached to the original post and will only be visible to Teltonika moderators.

I'd also like you to attach the full logs from the Windows client when the OpenVPN connection is fully established.

It's also best practice to use TLS authentication for OpenVPN, with each client having its own certificate. This way each client can be assigned a static IP and it's easier to diagnose any issues.

  

Best regards,
DaumantasG

by anonymous
Hey,

I added the files - sorry it took me so long.

For the troubleshoot file: I don't know what the problem is with the DDNS - it works fine, the error isn't important and doesn't make sense (maybe because it's still the same IP, so it doesn't "accept a change").

For the client problem: I first connected with the Android client (around 17:55 01.03.2023) and pinged the VPN server and the Teltonika. After that I tried the Windows client with the VPN server and the Teltonika.

Thank you very much!

Best regards,

Jonas
by anonymous

Hello,

    

One thing that could be done is to set up a TLS client for each of these devices, so that a static IP would be assigned to them. At the moment you do not have any TLS clients, and IPs get assigned randomly.

TLS clients can be set up in the OpenVPN configuration, and you'll also need to sign new certificates for the other clients. If you generated certificates on the device itself, then new certificates can be signed by navigating to System → Administration → Certificates. Under file type, select Client. Key size with the default certificates is 2048. Make sure the CN is unique from the other clients. Select the Sign The Certificate option and enter the number of days the certificate should be valid.

Your Windows logs indicate that the connection is successful, so I believe the issue could be with the IP assignment. 

  

Best regards,
DaumantasG
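
An added example, not part of the original thread and not Teltonika's tooling: a Python check that reads an OpenVPN client log, extracts the `PUSH_REPLY` options, and compares the assigned tunnel address and pushed route against the values given in the question (10.10.0.0/24 and 192.168.0.0/24). The sample log lines are constructed, and the function names and the optional expected static IP are assumptions.

```python
import ipaddress
import re

# Values from the question: VPN virtual network and the pushed LAN route.
VPN_NET = ipaddress.ip_network("10.10.0.0/255.255.255.0")
LAN_ROUTE = ipaddress.ip_network("192.168.0.0/255.255.255.0")

# Constructed sample in the OpenVPN 2.x client log format (not the poster's log).
SAMPLE_LOG = """\
2023-03-01 18:02:10 [server] Peer Connection Initiated with [AF_INET]203.0.113.10:1194
2023-03-01 18:02:11 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route-gateway 10.10.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.10.0.2 255.255.255.0,peer-id 0'
2023-03-01 18:02:16 TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up
2023-03-01 18:02:16 Initialization Sequence Completed
"""

PUSH_RE = re.compile(r"PUSH: Received control message: 'PUSH_REPLY,([^']*)'")

def parse_push_reply(log_text):
    """Return (tunnel_ip, routes) from the last PUSH_REPLY in the log, or None."""
    matches = PUSH_RE.findall(log_text)
    if not matches:
        return None
    tunnel_ip, routes = None, []
    for opt in matches[-1].split(","):
        parts = opt.split()
        if len(parts) >= 2 and parts[0] == "ifconfig":
            tunnel_ip = ipaddress.ip_address(parts[1])  # first argument is the local address
        elif len(parts) >= 3 and parts[0] == "route":
            routes.append(ipaddress.ip_network(f"{parts[1]}/{parts[2]}", strict=False))
    return tunnel_ip, routes

def check_assignment(log_text, expected_ip=None):
    """List mismatches between the log and the server settings; empty list means consistent."""
    parsed = parse_push_reply(log_text)
    if parsed is None:
        return ["no PUSH_REPLY found: server options never reached the client"]
    tunnel_ip, routes = parsed
    findings = []
    if tunnel_ip is None:
        findings.append("no ifconfig option pushed: client has no tunnel address")
    elif tunnel_ip not in VPN_NET:
        findings.append(f"tunnel address {tunnel_ip} is outside {VPN_NET}")
    elif expected_ip and tunnel_ip != ipaddress.ip_address(expected_ip):
        findings.append(f"tunnel address {tunnel_ip} differs from static {expected_ip}")
    if LAN_ROUTE not in routes:
        findings.append(f"route to {LAN_ROUTE} was not pushed")
    return findings

if __name__ == "__main__":
    print(check_assignment(SAMPLE_LOG) or "assignment and route look consistent")
```

Running the same check on the Android and the Windows client logs shows whether both received the same route and an address in the same subnet.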

by anonymous
Again, thanks for your input. Routing static IPs to the client also didn't help. I also tried on different Windows setups now. Always the same. Anyway, I switched to WireGuard now on the RUTX and it works fine.

But if someone still has an idea, I would be glad to hear about it. I use OpenVPN on other networks; it would make things easier for me.