
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
518 views 0 comments
by anonymous

Hi all, I have the following issue when enabling the VPN client on RUT950 (RUT9XX_R_00.06.09.5):

- configuration as factory (except for password), SIM with public and static IP, I can ping outside, I can resolve hostnames, I can ping RUT950 from outside, I can access devices behind RUT950.
- enabling VPN client from configuration file (.ovpn) supplied by the customer:
1) I can't reach RUT955 from outside, ping from outside is not working, I can't access devices behind RUT955, I can ping 8.8.8.8 from RUT955 but I can't resolve hostnames
Here is the route table before the VPN client is enabled:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         *               0.0.0.0         U     1      0        0 wwan0
x.y.z.w   *               255.255.255.255 UH    1      0        0 wwan0
192.168.1.0     *               255.255.255.0   U     0      0        0 br-lan
Here is the route table after the VPN is on:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.234.41.1     128.0.0.0       UG    0      0        0 tun_c_pergo
default         *               0.0.0.0         U     1      0        0 wwan0
x.y.z.w   *               255.255.255.255 UH    1      0        0 wwan0
10.234.41.0     *               255.255.255.0   U     0      0        0 tun_c_pergo
128.0.0.0       10.234.41.1     128.0.0.0       UG    0      0        0 tun_c_pergo
167.86.112.113  *               255.255.255.255 UH    0      0        0 wwan0
192.168.1.0     *               255.255.255.0   U     0      0        0 br-lan
 
It seems such a VPN client would override the default route, using the VPN interface instead of wwan0....
Maybe some setting inside OpenVPN server?
How could I solve this?
Thanks.

2 Answers

0 votes
by anonymous

Solved, it was an OpenVPN server configuration issue.
By default, OpenVPN sets up its own server configuration file, server.conf, with this option:

push "redirect-gateway def1"

In this way the OpenVPN client seems to override the RUT955 default gateway, making the OpenVPN server interface the default gateway instead of wwan0 (in my case).

I made these changes in server.conf:

#push "redirect-gateway def1"
route 10.8.0.0 255.255.255.0 vpn_gateway

and here is my routing table with the VPN client enabled and the VPN tunnel active:

root@Teltonika-RUT955:/etc/config# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         *               0.0.0.0         U     1      0        0 wwan0
2.195.164.222   *               255.255.255.255 UH    1      0        0 wwan0
10.8.0.0        *               255.255.255.0   U     0      0        0 tun0
192.168.1.0     *               255.255.255.0   U     0      0        0 br-lan

I suppose it was because I've always used embedded VPN servers on custom hardware (OpenVPN compatible), but it was the first time I used OpenVPN on a Unix OS with a pre-compiled configuration file.

Best answer
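
Why the change in the answer above works, as an added example (not code from the thread or from Teltonika): `redirect-gateway def1` leaves the wwan0 default route in place and adds 0.0.0.0/1 and 128.0.0.0/1 through the tunnel, which win on longest-prefix match; busybox `route` prints the 0.0.0.0/1 half as `default` with Genmask 128.0.0.0. The function names are hypothetical, and the two tables are the thread's own output with the redacted x.y.z.w line dropped.

```python
import ipaddress

# Routing tables copied from the thread; the redacted x.y.z.w line is omitted.
VPN_ON = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.234.41.1     128.0.0.0       UG    0      0        0 tun_c_pergo
default         *               0.0.0.0         U     1      0        0 wwan0
10.234.41.0     *               255.255.255.0   U     0      0        0 tun_c_pergo
128.0.0.0       10.234.41.1     128.0.0.0       UG    0      0        0 tun_c_pergo
167.86.112.113  *               255.255.255.255 UH    0      0        0 wwan0
192.168.1.0     *               255.255.255.0   U     0      0        0 br-lan
"""
FIXED = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         *               0.0.0.0         U     1      0        0 wwan0
2.195.164.222   *               255.255.255.255 UH    1      0        0 wwan0
10.8.0.0        *               255.255.255.0   U     0      0        0 tun0
192.168.1.0     *               255.255.255.0   U     0      0        0 br-lan
"""
DEF1_HALVES = {ipaddress.ip_network("0.0.0.0/1"), ipaddress.ip_network("128.0.0.0/1")}

def parse_routes(text):
    """Return [(network, metric, iface)] from busybox/net-tools `route` output."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # banner, header or malformed line
        dest = "0.0.0.0" if f[0] == "default" else f[0]
        try:
            net = ipaddress.ip_network(f"{dest}/{f[2]}", strict=False)
        except ValueError:
            continue  # redacted or hostname destination
        routes.append((net, int(f[4]), f[7]))
    return routes

def select_route(routes, dst):
    """Pick the route for dst: longest prefix first, then lowest metric."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in routes if addr in r[0]]
    return max(hits, key=lambda r: (r[0].prefixlen, -r[1]), default=None)

def def1_interface(routes):
    """Interface carrying both /1 halves installed by redirect-gateway def1, else None."""
    seen = {}
    for net, _, iface in routes:
        if net in DEF1_HALVES:
            seen.setdefault(iface, set()).add(net)
    return next((i for i, nets in seen.items() if nets == DEF1_HALVES), None)

if __name__ == "__main__":
    for name, table in (("VPN on", VPN_ON), ("after fix", FIXED)):
        r = parse_routes(table)
        print(name, "| def1 via:", def1_interface(r), "| 8.8.8.8 via:", select_route(r, "8.8.8.8")[2])
```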
0 votes
by anonymous

Hello,

  

I will ask you to replicate the issue, then without disabling the OpenVPN instance, navigate to System → Administration → Troubleshoot and generate a troubleshoot file. This file can be attached to the original question and will only be visible to Teltonika moderators. Additionally, it would be great if you could attach the .ovpn file provided to you (feel free to remove the certificate or any other sensitive information, just leave placeholders in their place).

  

Best regards,
DaumantasG