WIKIABOUT

FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

Most popular tags

rut955 rut240 rut950 rutx11 rms vpn to openvpn wifi not sms trb140 firmware connection - ipsec on rutx12 rutx09 modbus
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.

Firewall blocks connection

0 votes
188 views 5 comments
by anonymous
Hi guys. Im new into teltonika. Im trying to configure openvpn server. Everythink works but it seems that firewall form teltonika blocks my connection. Here is my config of firewall. I wonder whats the solution is.

1 Answer

0 votes
by anonymous

Hello,

  

I'm glad to help!

I will ask you to generate a troubleshoot file to better understand your configuration and the issue you are facing. Replicate the issue (try connecting to the OpenVPN server), then navigate to System → Administration → Troubleshoot, and generate the file. This file can be attached to the original question and will only be visible to Teltonika moderators.

I will also ask you to explain your configuration, if Windows clients will be connecting to the OpenVPN server, perhaps you could also share the .ovpn file that is used on Windows?

From your screenshots, I can also see that there are quite a few firewall zones created, could you explain why they are needed? OpenVPN creates a firewall zone and the rules automatically, so nothing needs to be changed in the firewall to connect to the server.

Awaiting your response!

  

Best regards,
DaumantasG

by anonymous
Here is my config

client

dev tun

proto udp

remote 5.185.210.75 1194

ca "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\ca.crt"

cert "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\issued\\Client1.crt"

key "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\private\\Client1.key"

keepalive 10 120

persist-key

persist-tun

data-ciphers-fallback AES-128-CBC

verb 7

remote-cert-tls server
by anonymous
Hello,

Could you try changing the server encryption to AES-256-GCM 256? At least from the server logs, it seems like there is a cypher mismatch between the client and the server.

Best regards,
DaumantasG
by anonymous
I had an issue that my local server behind the Teltonika RUT950 could not connect using SSH.  Ping was fine.

logged into CLI and saw the iptables had multiple drop chains for my servers tcpip.

Flushed the chains and all good.  I did get disconnected after flushing the chains, rebooted modem now all good.
by anonymous
Could you clarify if you had added the rules that dropped the packets yourself of if they were already preset? If they were, what were they?

  

Best regards,
DaumantasG
by anonymous
The issue was found to be that the server had the incorrect password and attempted SSH to gather statistics.  As a result the server was blacklisted.  There was no specific rule added by myself.  Believe it was an auto blacklist due to the number of failed logins.

iptables -L

look through the response and what we saw was a head of drop server.

iptables -F <name of chain>