Hello,
I am having trouble with the OpenVPN server setup on my RUT955.
First, here is my config:
Problem: When I click "save", it goes back to the old settings, but no error messages are shown. I've checked the event, system and even kernel log files available on the web interface. I've even checked the "logread -f" command (through SSH) - but nothing.
Background: The public IP of the router has a domain name, let's say "example.com", and I have a certificate for "example.com" that is signed by a third-party CA. I had the problem described above with this certificate, until I realized the public IP of the RUT955 was different from the IP saved to "example.com" in the dynDNS. Problem solved.
But, when trying to connect a client to the VPN server, I got TLS-handshake problems instead. The CA and the cert of the client were created by using easy-rsa. As I could see, no firewall was blocking the VPN port. I decided to try with a self-generated server cert signed by the same CA as the client instead. I followed this tutorial: https://firxworx.com/blog/it-devops/sysadmin/creating-certificates-and-keys-for-openvpn-server-with-easyrsa-on-macos/
Next, I removed the "example.com" cert and added the new one to the OpenVPN server config of RUT955. Once again I got the problem described above. So, I decided to go back to the "example.com" cert, but... the problem. Again. Now, the public IP on the dynDNS was correct.
So my questions are: Do you have any idea what the problem is? Where do I find the OpenVPN log? Does it have to be the same CA signing the server and client certs? Can the server keys be generated on any machine?
Thanks!
/S