I have a new RUTX50 running firmware 7.07 with four OpenVPN client configs created manually, not from OVPN file. Recently I noticed I’m unable to save changes to any of the configurations. Whether I’m trying to change port number, extra options, or certificates, I can make the changes but clicking the “Save & Apply” button has no effect and my only option is to close the screen, at which point I get a warning that unsaved changes will be discarded.
I also upgraded to firmware 7.08 today hoping that would fix it, but no luck. Same problem exists. I can create a new OpenVPN client configuration and edit that but the existing ones appear locked. How can I fix this? I would rather not delete and recreate because I already have firewall rules and LAN interfaces configured to use the tun_c_** interfaces created.
If the UI cannot be fixed, how can I make the changes via SSH?
In case it matters, only one client is enabled at a time.
Correction… I’m unable to make changes to new OpenVPN client configurations either. When I create a new one and specify:
Remote network IP: 10.0.1.0
Remote netmask: 255.255.255.0
I get a red highlight on the Remote IP input box.
If I change the Remote IP to 192.168.1.1 per the example, it tells me the network IP should be 192.168.1.0. So then I tried netmask: 255.255.255.252 (net30), and the UI tells me remote network IP should be 192.168.1.0, so I changed it to that but the box remains red. No matter what I do, Save & Apply button does nothing and I’m stuck on the form.
Could you please take a screenshot of your configurations and any errors you encounter? This will help me better understand the problem and attempt to replicate it.
At this point, whether I make changes or not, “Save & Apply” appears available to click but there’s no visible response to clicking. My only option is to cancel and discard.
Here is the LAN Interface created using the physical tun_c_OceanMST interface.
And below are the firewall zones created. Since I didn’t plan to use the “openvpn” zone, I attempted to delete it from the list of zones, but it wouldn’t go away completely so I used SSH > iptables commands to remove any references to openvpn.
I almost forgot… When creating a new OpenVPN client, the dialog window continues to reject the Remote Network IP. If I put in 10.0.1.0, netmask 255.255.255.0, it rejects the Network IP. (The box is read when not hovering over it; it turns blue and displays the pictured pop-up text when hovering over it.)
It should allow you to enter IP 10.0.160.0 with netmask 255.255.255.0. Could you please specify if the “Save & Apply” button is not working when you configure it this way?
I suggest trying to configure your OpenVPN client settings via CLI. The OpenVPN config file is located in the /etc/config directory. You should be able to edit and save the configurations and the changes should be applied.
Marija, thanks for your reply. I was not able to get the UI to work. It would still reject the IP & netmask configuration and the “Save & Apply” button would not work. I decided to factory reset and start over, taking incremental configuration backups along the way.
While I was able to change basic values in the config file via SSH, creating a new profile with different certificates and obscured passwords became too time consuming.
The factory reset DID fix the issue, but now, 24 hours after creating one OpenVPN client connection, the issue is happening again when I try to create a 2nd OpenVPN client.
HELP! What can I do to fix this? I don’t want to return this device but if I can’t fix it by Saturday, that is what I will have to do.
Also, after I edit the openvpn config is SSH, when I try to enable the profile in the UI by clicking the on/off switch in the list of clients, I get this message:
I can’t guarantee a fix by Saturday, as the issue might be related to the firmware, in which case we’d need to wait for an update. However, I’ll investigate further to determine if the problem could be caused by something else.
To proceed, I will need some sensitive information from you, so I’ve sent you a form to fill out. Once you complete it, I can contact you privately. Please use the ticket ID “6880” when filling out the form.
