FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Mit unserem VPN Dienste machen wir Netzwerke erreichbar die keine öffentliche IP-Adresse besitzen oder keine Änderungen im Router möglich sind.
Antworten
MadPlayer
Beiträge: 4
Registriert: Fr 16. Jun 2017, 21:07

FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Beitrag von MadPlayer » Fr 16. Jun 2017, 21:10

Hallo,
was muss ich in meinem Teltonika RUT955 unter Open VPN eintragen?
Ich habe ein paar Daten aus der Conf datei eingetragen, aber funkoniert nicht.

gruß
MadPlayer


vpn tetonika rut955.PNG
vpn tetonika rut955.PNG (52.02 KiB) 1614 mal betrachtet

MichaelWeigel
Beiträge: 405
Registriert: Di 24. Feb 2015, 11:13

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Beitrag von MichaelWeigel » Di 20. Jun 2017, 14:55

Hallo,

Die Einstellungen sollten so aussehen:
2.PNG
2.PNG (43.64 KiB) 1604 mal betrachtet
als Zertifikat wird die fipCA.crt hochgeladen.

LG Michael

MadPlayer
Beiträge: 4
Registriert: Fr 16. Jun 2017, 21:07

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Beitrag von MadPlayer » Do 22. Jun 2017, 21:43

Hi. Klappt leider nicht.
Habe jetzt alles durchprobiert.
Port steht bei mir in der config 1194.
Habe auch den port 1195 probiert geht nix.
vpn.JPG
vpn.JPG (77.46 KiB) 1592 mal betrachtet

MadPlayer
Beiträge: 4
Registriert: Fr 16. Jun 2017, 21:07

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Beitrag von MadPlayer » Sa 24. Jun 2017, 14:25

hier das log file:

Sat Jun 24 14:07:21 2017 daemon.warn openvpn(client_fipvpn)[32640]: DEPRECATED OPTION: --max-routes option ignored.The number of routes is unlimited as of version 2.4. This option will be removed in a future version, please remove it from your configuration.
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: OpenVPN 2.4.2 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: library versions: OpenSSL 1.0.2k 26 Jan 2017, LZO 2.06
Sat Jun 24 14:07:21 2017 daemon.warn openvpn(client_fipvpn)[32640]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sat Jun 24 14:07:21 2017 daemon.warn openvpn(client_fipvpn)[32640]: ******* WARNING *******: '--auth none' was specified. This means no authentication will be performed on received packets, meaning you CANNOT trust that the data received by the remote side have NOT been manipulated. PLEASE DO RECONSIDER THIS SETTING!
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1521,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth [null-digest],keysize 128,key-method 2,tls-client'
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1521,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth [null-digest],keysize 128,key-method 2,tls-server'
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: TCP/UDP: Preserving recently used remote address: [AF_INET]84.200.67.221:1195
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: Socket Buffers: R=[8388608->8388608] S=[8388608->8388608]
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: UDP link local: (not bound)
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: UDP link remote: [AF_INET]84.200.67.221:1195
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: TLS: Initial packet from [AF_INET]84.200.67.221:1195, sid=0362a895 8d7dc805
Sat Jun 24 14:07:21 2017 daemon.warn openvpn(client_fipvpn)[32640]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: VERIFY OK: depth=1, C=DE, ST=SAXONIA, L=Frohburg, O=COSIMO Vertriebs- und Beratungs GmbH, OU=Webservices, CN=FIP-CA, name=ROOT-CA FIP-TOOLS, emailAddress=isp@cosimo.de
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: VERIFY OK: depth=0, C=DE, ST=SAXONIA, L=Frohburg, O=COSIMO Vertriebs- und Beratungs GmbH, OU=Webservices, CN=vpn2.connect2any.net, name=VPN2, emailAddress=isp@cosimo.de
Sat Jun 24 14:07:22 2017 daemon.warn openvpn(client_fipvpn)[32640]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1521', remote='link-mtu 1541'
Sat Jun 24 14:07:22 2017 daemon.warn openvpn(client_fipvpn)[32640]: WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
Sat Jun 24 14:07:22 2017 daemon.notice openvpn(client_fipvpn)[32640]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Jun 24 14:07:22 2017 daemon.notice openvpn(client_fipvpn)[32640]: [vpn2.connect2any.net] Peer Connection Initiated with [AF_INET]84.200.67.221:1195
Sat Jun 24 14:07:23 2017 daemon.notice openvpn(client_fipvpn)[32640]: SENT CONTROL [vpn2.connect2any.net]: 'PUSH_REQUEST' (status=1)
Sat Jun 24 14:07:23 2017 daemon.notice openvpn(client_fipvpn)[32640]: AUTH: Received control message: AUTH_FAILED
Sat Jun 24 14:07:23 2017 daemon.notice openvpn(client_fipvpn)[32640]: TCP/UDP: Closing socket
Sat Jun 24 14:07:23 2017 daemon.notice openvpn(client_fipvpn)[32640]: SIGTERM[soft,auth-failure] received, process exiting
Sat Jun 24 14:07:23 2017 user.emerg syslog: Instance openvpn::instance1 s in a crash loop 6 crashes, 2 seconds since last crash

MadPlayer
Beiträge: 4
Registriert: Fr 16. Jun 2017, 21:07

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Beitrag von MadPlayer » Mo 26. Jun 2017, 16:02

Ich habe es nach einigen versuchen glaube ich hinbekommen. Die Verbindung wurde aufgebaut. Und läuft bis jetzt sehr gut.

Ich habe die openVPN Dateien per SCP auf den RUT955 übertragen und per extra Options eingebunden.
20170627_123312.jpg
20170627_123312.jpg (136.06 KiB) 1557 mal betrachtet
fipvpnrut995.jpg
fipvpnrut995.jpg (123.3 KiB) 1562 mal betrachtet

suedflughafen
Beiträge: 2
Registriert: Fr 20. Apr 2018, 23:52

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Beitrag von suedflughafen » Sa 21. Apr 2018, 00:05

Um eine openVPN-Verbindung (FIP-VPN) mit einem Teltonika Router erfolgreich und relativ simple einzurichten sind folgende Schritte notwendig:
Bildschirmfoto 2018-04-20 um 10.20.34.png
Bildschirmfoto 2018-04-20 um 10.20.34.png (147.53 KiB) 628 mal betrachtet

Jarosch
Beiträge: 1
Registriert: Sa 5. Mai 2018, 00:44

FIP-VPN Tunnel unter Teltonika RUT950 funktioniert nicht

Beitrag von Jarosch » Sa 5. Mai 2018, 01:18

Hallo,

brauche Hilfe bei der Konfiguration des VPN Tunnels.

Code: Alles auswählen

Sat May  5 01:10:31 2018 local1.crit luci-reload[12009]: START==1
Sat May  5 01:10:34 2018 local1.crit luci-reload[12053]: START==1
Sat May  5 01:10:36 2018 daemon.warn openvpn(636C69656E745F46495056504E)[8574]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Re-using SSL/TLS context
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: TCP/UDP: Preserving recently used remote address: [AF_INET]185.62.150.17:1195
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Socket Buffers: R=[8388608->8388608] S=[8388608->8388608]
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: UDP link local: (not bound)
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: UDP link remote: [AF_INET]185.62.150.17:1195
Sat May  5 01:11:36 2018 daemon.err openvpn(636C69656E745F46495056504E)[8574]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat May  5 01:11:36 2018 daemon.err openvpn(636C69656E745F46495056504E)[8574]: TLS Error: TLS handshake failed
Sat May  5 01:11:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: TCP/UDP: Closing socket
Sat May  5 01:11:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: SIGUSR1[soft,tls-error] received, process restarting
Sat May  5 01:11:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Restart pause, 5 second(s)
Sat May  5 01:11:41 2018 daemon.warn openvpn(636C69656E745F46495056504E)[8574]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Re-using SSL/TLS context
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: TCP/UDP: Preserving recently used remote address: [AF_INET]185.62.150.17:1195
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Socket Buffers: R=[8388608->8388608] S=[8388608->8388608]
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: UDP link local: (not bound)
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: UDP link remote: [AF_INET]185.62.150.17:1195
Sat May  5 01:12:41 2018 daemon.err openvpn(636C69656E745F46495056504E)[8574]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat May  5 01:12:41 2018 daemon.err openvpn(636C69656E745F46495056504E)[8574]: TLS Error: TLS handshake failed
Sat May  5 01:12:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: TCP/UDP: Closing socket
Sat May  5 01:12:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: SIGUSR1[soft,tls-error] received, process restarting
Sat May  5 01:12:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Restart pause, 10 second(s)
Sat May  5 01:12:51 2018 daemon.warn openvpn(636C69656E745F46495056504E)[8574]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Re-using SSL/TLS context
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: TCP/UDP: Preserving recently used remote address: [AF_INET]185.62.150.17:1195
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Socket Buffers: R=[8388608->8388608] S=[8388608->8388608]
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: UDP link local: (not bound)
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: UDP link remote: [AF_INET]185.62.150.17:1195
Sat May  5 01:13:36 2018 daemon.info hostapd: wlan0: STA 80:86:f2:b1:a5:2b WPA: group key handshake completed (RSN)
Sat May  5 01:13:47 2018 kern.info kernel: [  852.940000] Ports leds ON 
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd send: 'AT+QCSQ' (8)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd get: '+QCSQ: "LTE",77,-107,174,-10' (28)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd send: 'AT+QCSQ' (8)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd get: '+QCSQ: "LTE",77,-107,174,-10' (28)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd send: 'AT+CPIN?' (9)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd get: '+CPIN: READY' (12)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd send: 'AT+CREG?' (9)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd get: '+CREG: 2,1,"B07D","0CF630D",7' (29)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd send: 'AT+CSQ' (7)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd get: '+CSQ: 18,99' (11)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd send: 'AT+QCSQ' (8)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd get: '+QCSQ: "LTE",77,-107,174,-10' (28)
Sat May  5 01:13:48 2018 local1.info gsmd[6635]: gsmd send: 'AT+QCSQ' (8)
Sat May  5 01:13:48 2018 local1.info gsmd[6635]: gsmd get: '+QCSQ: "LTE",77,-107,174,-10' (28)
Sat May  5 01:13:50 2018 local1.crit luci-reload[12703]: START==1
Sat May  5 01:13:51 2018 daemon.err openvpn(636C69656E745F46495056504E)[8574]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat May  5 01:13:51 2018 daemon.err openvpn(636C69656E745F46495056504E)[8574]: TLS Error: TLS handshake failed
Sat May  5 01:13:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: TCP/UDP: Closing socket
Sat May  5 01:13:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: SIGUSR1[soft,tls-error] received, process restarting
Sat May  5 01:13:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Restart pause, 20 second(s)
Sat May  5 01:13:54 2018 local1.crit luci-reload[12754]: START==1
Folgende Einstellungen:
Bild

Kann mir jemand helfen?

MichaelWeigel
Beiträge: 405
Registriert: Di 24. Feb 2015, 11:13

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Beitrag von MichaelWeigel » Mo 7. Mai 2018, 10:40

Hallo,

bei einem VPN-Tunnel ist die einfache Methode nicht möglich. Sie müssen nach der Anleitung von MadPlayer vorgehen
http://forum.feste-ip.net/viewtopic.php ... b35e#p1157

LG Michael

Tropfen
Beiträge: 1
Registriert: Mi 13. Jun 2018, 09:49

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Beitrag von Tropfen » Mi 13. Jun 2018, 09:52

Hi all,


ich habe das Problem das er keine Verbindung aufbaut, obwohl ich es nach der Anleitung gemacht habe von MadPlayer.
Bitte hilfe.

Wed Jun 13 07:29:52 2018 daemon.err openvpn(xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)[9147]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.conf:10: dev (2.4.2)
Wed Jun 13 07:29:52 2018 daemon.warn openvpn(xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)[9147]: Use --help for more information.
Wed Jun 13 07:29:55 2018 local1.crit luci-reload[9183]: START==1
Wed Jun 13 07:29:57 2018 daemon.err openvpn(xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)[9187]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.conf:10: dev (2.4.2)
Wed Jun 13 07:29:57 2018 daemon.warn openvpn(xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)[9187]: Use --help for more information.
Wed Jun 13 07:30:02 2018 local1.crit luci-reload[9221]: START==1
Wed Jun 13 07:30:02 2018 daemon.err openvpn(xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)[9222]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.conf:10: dev (2.4.2)
Wed Jun 13 07:30:02 2018 daemon.warn openvpn(xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)[9222]: Use --help for more information.
Wed Jun 13 07:30:02 2018 daemon.info procd: Instance openvpn::instance1 s in a crash loop 6 crashes, 0 seconds since last crash

suedflughafen
Beiträge: 2
Registriert: Fr 20. Apr 2018, 23:52

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Beitrag von suedflughafen » So 17. Jun 2018, 21:01

Hallo Tropfen,
nimm doch einfach meine Anleitung ein paar Beiträge weiter oben und schon wird's funktionieren ;-)
VG, Alex

Antworten