Problem with RMS connection via OpenVPN

Hello everyone,

I am trying to reach a RUT300 via OpenVPN, as well as the devices located in its LAN. The RMS service from Teltonika is connected, and I can also access the router’s web interface through the RMS system. However, in the router’s settings under Services > VPN > OpenVPN, the default tunnel is not connected. The logs show the following:

daemon.notice openvpn(rms_oOhtkxczlKwAxVyb)[3203]: UDPv4 link local: (not bound)
daemon.notice openvpn(rms_oOhtkxczlKwAxVyb)[3203]: UDPv4 link remote: [AF_INET]3.69.106.81:57658
daemon.err openvpn(rms_oOhtkxczlKwAxVyb)[3203]: TLS Error: TLS key negotiation failed to occur within 60 seconds

What does that mean? And what do I need to allow in the firewall?
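
As an added example (not part of the original posts and not Teltonika code), this Python function reads log lines in the format quoted above and reports, for each OpenVPN instance whose TLS handshake timed out, the protocol and remote endpoint the tunnel was trying to reach, which is the outbound flow to verify on the upstream firewall. The name `diagnose` and the output fields are assumptions made for this example.

```python
import re

# The three log lines quoted in the post above, embedded so this runs offline.
SAMPLE_LOG = """\
daemon.notice openvpn(rms_oOhtkxczlKwAxVyb)[3203]: UDPv4 link local: (not bound)
daemon.notice openvpn(rms_oOhtkxczlKwAxVyb)[3203]: UDPv4 link remote: [AF_INET]3.69.106.81:57658
daemon.err openvpn(rms_oOhtkxczlKwAxVyb)[3203]: TLS Error: TLS key negotiation failed to occur within 60 seconds
"""

LINE = re.compile(r"daemon\.\w+ openvpn\((?P<inst>[^)]+)\)\[(?P<pid>\d+)\]: (?P<msg>.*)")
LINK = re.compile(r"(?P<proto>UDP|TCP)\w* link (?P<side>local|remote): (?P<addr>.+)")
ENDPOINT = re.compile(r"\[AF_INET6?\](?P<ip>.+):(?P<port>\d+)")
TIMEOUT = re.compile(r"TLS key negotiation failed to occur within (?P<secs>\d+) seconds")


def diagnose(log_text):
    """Return one finding per OpenVPN instance whose TLS handshake timed out."""
    state = {}
    for raw in log_text.splitlines():
        m = LINE.search(raw)
        if not m:
            continue  # not an OpenVPN daemon line
        s = state.setdefault((m["inst"], m["pid"]),
                             {"proto": None, "bound": None, "remote": None, "secs": None})
        link = LINK.search(m["msg"])
        if link and link["side"] == "local":
            # "(not bound)": the client sends from an ephemeral source port
            s["bound"] = "(not bound)" not in link["addr"]
        elif link:
            ep = ENDPOINT.search(link["addr"])
            if ep:
                s["proto"] = link["proto"].lower()
                s["remote"] = (ep["ip"], int(ep["port"]))
        t = TIMEOUT.search(m["msg"])
        if t:
            s["secs"] = int(t["secs"])
    findings = []
    for (inst, _pid), s in state.items():
        if s["secs"] is None or s["remote"] is None:
            continue  # no handshake timeout logged for this instance
        ip, port = s["remote"]
        findings.append({
            "instance": inst, "proto": s["proto"], "remote": f"{ip}:{port}",
            "fixed_source_port": bool(s["bound"]), "timeout_s": s["secs"],
            # The handshake with this endpoint did not complete in time, so this
            # is the flow (and its return traffic) to check on upstream firewalls.
            "check": f"outbound {s['proto']} to {ip}:{port}, replies allowed back",
        })
    return findings
```

Because the local side is logged as not bound, a firewall rule for this flow can match on the destination address and port but not on a fixed source port.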

Hey there,

Thanks for reaching out. Regarding your issue, there are a couple of things I’d need you to check:

  1. First, when the VPN connection is active, i.e., you’re connected to the VPN by using some client (OpenVPN Connect, Teltonika VPN Hub client, etc.) - does your RMS user and your device that you have added appear in the list under RMS VPN → VPN Hubs → Clicking your VPN Hub → General tab? You should see your clients here:

  2. Secondly, what routes do you have set up, in the same VPN Hub routes tab?

  3. Please also try to re-push the VPN configuration onto your device. Head to the Clients tab in the VPN Hub settings, and press on this little button:

  4. Finally, if you were to reach the WebUI of the device, could you please head to Network → Firewall → Zones and set the lan => wan zone to “Enabled”?

Do let me know the answers to these questions, and do let me know whether these suggestions help you out.

Regards,
M.

Hey,
Thank you for your feedback.

  1. When the OpenVPN connection is active, only the RMS user appears under Sessions in the VPN Hub. The device/router is not connected.
  2. See screenshot.
  3. Done, nothing happened.
  4. Under the specified path, I only find a list of zones. Which one is meant, and how do I enable it? (See screenshot)

I believe something needs to be configured in the customer’s network firewall. UDP ports should actually be open. Or is there anything else I could configure to get the TLS handshake working?

Hello,

In regard to point No. 4, you seem to be in the incorrect window; you wanna look under Network → Firewall → Zones, but you seem to be under Status → Network → Firewall. There’s a separate Network tab on the far left-hand side.

Your device not appearing in the sessions list is also quite weird. If you haven’t already, could you try removing it from the VPN Hub and re-adding it? After doing so, don’t forget to enable LAN forwarding, set up the routes, etc.

Regards,
M.

Hi,
thanks for the tip — I was looking under the “Status” menu.
I’ve now enabled masquerading under LAN → WAN; it was turned off before.
Is that what you meant? See screenshot. Unfortunately, it didn’t help.

Correct, after enabling the setting, could you confirm that it is still not functioning properly?

If so, I’ve sent you a form to fill out so we can continue our conversation in private, to avoid accidentally leaking any sensitive information. In the Ticket ID field, simply enter the thread’s number, which is 14394.

Thank you,
M.
