I have problems using Data to Server service and Azure Grid (not Hub) via MQTT on RUT240.
The biggest problem is I can’t even debug the problem because I can’t access CLI. The admin password I have does not work there (for user admin or root). I have tried to change the pass but router is saying the current password for admin is incorrect even though I just logged in using admin and that pass. Default pass doesn’t work either. So I can’t use tcp dump…
I have successfully used Flespi for testing but can’t make it with Azure grid. The biggest difference is that with Azure I am using TLS and the port is 8883. I have generated certificates on RUT240 and configured Azure accordingly (created a client and set the thumbprint).
I have created a local windows mqtt client program and it works perfectly with self-signed certificates. I even downloaded certificates (cert.pen and key.pem) from RUT240 and tried with them and again it works so it is not problem with the certificates. At least I think so.
I would have attached the Troubleshoot file but I am a new user so system doesn’t let me. Please help, I’m losing my mind
When accessing CLI, the username should be ‘root’ and the password is the same one that you use to login into WebUI as the ‘admin’. Perhaps you have blocked yourself out? Check IP blocks in System → Administration → Access Control → Security tab.
I do not have an option to test Azure Grid in this case, hoever, it seems that is supports standard MQTT so there should not be any issues. It may be an issue with certificates since you are able to run it on another broker. I would suggest taking a look at a forum post here and trying something similar with Azure Grid.
thnx for your help but it still doesn’t work. I have logged in into CLI though.
There are options in the Data to server create dialog for various protocols. I use pure mqtt. There is “azure mqtt” but that is for azure hub that I don’t use - I use Azure event grid with the newly added mqtt support.
After trying everything I could think off (even the stupidest ideas :)) I have stumbled upon MQTTX, mqtt windows gui client app. I configured it with the same basic few settings and the thing worked like a charm. I have set only client cert and the key files leaving the CA cert empty. These are the same certificates that were generated on teltonika router and don’t work there.
MQTTX has a lot more options and it even tells you if the connection was successful or not (something that is really missing on teltonika). It has also a dropdown for selecting mqtt version. When I select 3.1.1 or 5.0 it is working, but when I select 3.1 it doesn’t work. It just keeps reconnecting, but to no avail. That leaves me thinking it could be the reason why it doesn’t work on teltonika.
I checked mosquitto version and tls support on teltonika and it all look fine.
Could it be that teltonika is selecting mqtt 3.1 in the background? I have checked with tcpdump and there is a brief communication established after I enable “data to server” but that’s it. The connection was always closed by the client.
One more thing, I have created CA certificate that was uploaded to azure mqtt configuration but when I use it in MQTTX I get " Error: unable to get local issuer certificate". So I just leave that field blank and it works then. Maybe teltonika doesn’t allow to skip that field and it fails silently in the background leaving me clueless.
Do you have any recommendations how to debug this further?
The CA certificate needs to be authentic. Could you try looking on Azure Grid to see if you can find a CA cert there?
For troubleshooting, I would suggest trying to subscribe and publish using Mosquitto from the CLI directly. Take a look here and here (and other docs on the website).
I have passed my working certificates (tested in my local program and in MQTTX) to teltonika and checked them with opessl verify… command. Everything was good.
When I run:
mosquitto_sub -d -h [censored]eventgrid.azure.net -p 8883 -t topicName --cert client.cert.pem --key client.key.pem --insecure -i client
I get:
Client client sending CONNECT
Client client received CONNACK (5)
Connection error: Connection Refused: not authorised.
Client client sending DISCONNECT
So simple, yet it doesn’t work.
It seems my journey with Teltonika has come to an end. Thnx for the help.
