Router General / Open VPN / Routing

Networking Solutions
1

Hi Community,

I want to report a technical issue related to ALL Routers and OpenVPN.
It has taken me hours, even days.

If you create an OpenVPN Connection with a “Push Option” e.g. “route 192.168.0.1 255.255.255.0” - so that you geht to your Router via VPN and you do not choose the “Security configuration - Authentication algorythm - SHA 1” you are able to establish a VPN Connection, but you do not get to your device or the network behind.

e.g. Create an Open VPN Connection with an authentication algroythm SHA256 and the VPN will connect but you end at a “Wall”. No possibility to get to the device or the network.
Change it to SHA1 - Everything works.

It would be very, very nice if a Teltonika technician could fix that!!
Thats annoying!

Thank you

3

Greetings, @schflosf ,

Welcome to Teltonika Community!

Could you please clarify the following:

  • If the router works as a server or as a client?
  • Model and firmware version of the device(s)?
  • If possible, could you add a screenshot of the configuration?
  • Scheme / topology of the network(s)

This information would help for further investigation.

Waiting for your reply,

Warm regards,
V.

4

· If the router works as a server or as a client?
The Router works as a Server

· Model and firmware version of the device(s)?
I had the problem with the RUTX12 and many different Firmwares – it stared with 7.9 ish
now I had it on 07.12 / 07.13 / 07.17 and on the latest 07.18.3

If possible, could you add a screenshot of the configuration?
I have to add some screenshots – its not possible in one screenshot

image
image920×692 29.8 KB

image
image918×658 32.9 KB

· Scheme / topology of the network(s)
The Main Internet Connection is over SIM1 (mob1s1a1).

· I have 2 LANs
LAN1 192.168.0.0/24
LAN2 10.0.0.0/24

LAN1 is on Port LAN 1
LAN2 Is on Ports LAN 2- LAN4

image
image1240×294 16.5 KB

5

Greetings,

To help diagnose the LAN access issues with your RUTX12 OpenVPN setup, could you clarify the following:

  1. Client Settings: Are the cipher and auth algorithm on the client identical to the server? Which client software/version are you using?
  2. Connectivity: Can you reach a single LAN (e.g., LAN1) using SHA256/512? Can you ping the router’s VPN interface?
  3. Routing: Currently, it appears the server pushes only one route to the client. Could you confirm which routes are pushed, and what routes appear on the client after connection? Without both LAN routes, the client won’t be able to reach the second LAN.
  4. Firewall/Inter-LAN: Any rules blocking VPN traffic to LAN1 or LAN2? Are the LANs isolated?
  5. Logs: Can you provide OpenVPN logs at verbosity 3–4 for both SHA1 and SHA256/512 connections? Any auth or packet drop errors?

Addressing the route push and ensuring both LANs are reachable via firewall and inter-LAN rules will likely resolve the access issue.

Best regards,
V.

6

Hello,

thank you very much for your reply.
I tested everything once again and based on your reply I found the issue.

With SHA1 the OpenVPN Client file does not need any authentication settings.

If you switch to SHA256 you need the auth and cipher settings in the file.

So my Client File header looks like this now and that works:

client
dev tun
proto udp
remote VPNSRV_IP_or_Name 1194
auth-user-pass
cipher AES-256-CBC
auth SHA256
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verb 6

Thank you again.

Greetings.

7

Greetings,

Thank you for your message,

I am glad that you managed to resolve the issue, in case you have any additional questions, don’t hesitate to let me know.

Kind regards,
V.

8

This topic was automatically closed after 60 days. New replies are no longer allowed.