RUTx50 IPsec Route based VPN

Networking Solutions
1

Hello everyone,

I have a Teltonika rutx50, where i am trying to setup VPN between that and my firewall.

Context:

Teltonika router has a simcard, so it uses a carrier network to connect to the internet. My firewall has a static public IP.

I’ve set up an IPsec route-based VPN. The GUI shows it’s connected, but no traffic is passing through.

On Teltonika router i’ve configured:

  • Remote endpoint(Firewall)
  • Local and Remote Identifiers
  • Selected “route based”
  • Set XFRM interface
  • Configured IKEv2 - and for Phase 1 and Phase 2:
    • Encryption
    • Authentication
    • Hashing
  • Set static routes for the to remote subnet.

Not sure if this is how it’s supposed to work, but when I try to set up a static route, I can only select the WAN and LAN interfaces. Should the VTI (XFRM) interface appear in that list as well?

Anybody have an idea of what i am missing, or a link to where i can find some documentation for route based VPNs?

Any help would be greatly appreciated.

3

Hi there,

Just to clarify - are you currently able to reach the other side via pings and such, or not?

What’s the actual use case that you’re trying to achieve? Do you want to send some type of data, or just simply be able to access end-devices on the other end?

Regarding this question - here are the steps to make it appear:

  1. Take note of your IPsec interface name:

    image
    image485×204 6 KB

  2. Navigate to Network → WAN section, create a new interface like this (important part is physical settings, you will need to insert the name and press add):

    image
    image848×244 9.73 KB

    image
    image347×202 6.42 KB

    image
    image834×187 9.17 KB

  3. Once done, you can create a static route like this:

    image
    image738×122 6.12 KB

  4. This route will then be used through IPsec:
    image

Regards,
M.

4

Hi,

What firmware are you running? I believe they fixed this in 07.19 and now XFRM interfaces are visible in static route page

1 Like