FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Mit unserem VPN Dienste machen wir Netzwerke erreichbar die keine öffentliche IP-Adresse besitzen oder keine Änderungen im Router möglich sind.
Post Reply
MadPlayer
Posts: 4
Joined: Fri 16. Jun 2017, 21:07

FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Post by MadPlayer »

Hallo,
was muss ich in meinem Teltonika RUT955 unter Open VPN eintragen?
Ich habe ein paar Daten aus der Conf datei eingetragen, aber funkoniert nicht.

gruß
MadPlayer


vpn tetonika rut955.PNG
vpn tetonika rut955.PNG (52.02 KiB) Viewed 11524 times
MichaelWeigel
Posts: 771
Joined: Tue 24. Feb 2015, 11:13

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Post by MichaelWeigel »

Hallo,

Die Einstellungen sollten so aussehen:
2.PNG
2.PNG (43.64 KiB) Viewed 11514 times
als Zertifikat wird die fipCA.crt hochgeladen.

LG Michael
LG Michael
MadPlayer
Posts: 4
Joined: Fri 16. Jun 2017, 21:07

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Post by MadPlayer »

Hi. Klappt leider nicht.
Habe jetzt alles durchprobiert.
Port steht bei mir in der config 1194.
Habe auch den port 1195 probiert geht nix.
vpn.JPG
vpn.JPG (77.46 KiB) Viewed 11502 times
MadPlayer
Posts: 4
Joined: Fri 16. Jun 2017, 21:07

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Post by MadPlayer »

hier das log file:

Sat Jun 24 14:07:21 2017 daemon.warn openvpn(client_fipvpn)[32640]: DEPRECATED OPTION: --max-routes option ignored.The number of routes is unlimited as of version 2.4. This option will be removed in a future version, please remove it from your configuration.
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: OpenVPN 2.4.2 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: library versions: OpenSSL 1.0.2k 26 Jan 2017, LZO 2.06
Sat Jun 24 14:07:21 2017 daemon.warn openvpn(client_fipvpn)[32640]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sat Jun 24 14:07:21 2017 daemon.warn openvpn(client_fipvpn)[32640]: ******* WARNING *******: '--auth none' was specified. This means no authentication will be performed on received packets, meaning you CANNOT trust that the data received by the remote side have NOT been manipulated. PLEASE DO RECONSIDER THIS SETTING!
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1521,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth [null-digest],keysize 128,key-method 2,tls-client'
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1521,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth [null-digest],keysize 128,key-method 2,tls-server'
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: TCP/UDP: Preserving recently used remote address: [AF_INET]84.200.67.221:1195
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: Socket Buffers: R=[8388608->8388608] S=[8388608->8388608]
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: UDP link local: (not bound)
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: UDP link remote: [AF_INET]84.200.67.221:1195
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: TLS: Initial packet from [AF_INET]84.200.67.221:1195, sid=0362a895 8d7dc805
Sat Jun 24 14:07:21 2017 daemon.warn openvpn(client_fipvpn)[32640]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: VERIFY OK: depth=1, C=DE, ST=SAXONIA, L=Frohburg, O=COSIMO Vertriebs- und Beratungs GmbH, OU=Webservices, CN=FIP-CA, name=ROOT-CA FIP-TOOLS, emailAddress=isp@cosimo.de
Sat Jun 24 14:07:21 2017 daemon.notice openvpn(client_fipvpn)[32640]: VERIFY OK: depth=0, C=DE, ST=SAXONIA, L=Frohburg, O=COSIMO Vertriebs- und Beratungs GmbH, OU=Webservices, CN=vpn2.connect2any.net, name=VPN2, emailAddress=isp@cosimo.de
Sat Jun 24 14:07:22 2017 daemon.warn openvpn(client_fipvpn)[32640]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1521', remote='link-mtu 1541'
Sat Jun 24 14:07:22 2017 daemon.warn openvpn(client_fipvpn)[32640]: WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
Sat Jun 24 14:07:22 2017 daemon.notice openvpn(client_fipvpn)[32640]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Jun 24 14:07:22 2017 daemon.notice openvpn(client_fipvpn)[32640]: [vpn2.connect2any.net] Peer Connection Initiated with [AF_INET]84.200.67.221:1195
Sat Jun 24 14:07:23 2017 daemon.notice openvpn(client_fipvpn)[32640]: SENT CONTROL [vpn2.connect2any.net]: 'PUSH_REQUEST' (status=1)
Sat Jun 24 14:07:23 2017 daemon.notice openvpn(client_fipvpn)[32640]: AUTH: Received control message: AUTH_FAILED
Sat Jun 24 14:07:23 2017 daemon.notice openvpn(client_fipvpn)[32640]: TCP/UDP: Closing socket
Sat Jun 24 14:07:23 2017 daemon.notice openvpn(client_fipvpn)[32640]: SIGTERM[soft,auth-failure] received, process exiting
Sat Jun 24 14:07:23 2017 user.emerg syslog: Instance openvpn::instance1 s in a crash loop 6 crashes, 2 seconds since last crash
MadPlayer
Posts: 4
Joined: Fri 16. Jun 2017, 21:07

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Post by MadPlayer »

Ich habe es nach einigen versuchen glaube ich hinbekommen. Die Verbindung wurde aufgebaut. Und läuft bis jetzt sehr gut.

Ich habe die openVPN Dateien per SCP auf den RUT955 übertragen und per extra Options eingebunden.
20170627_123312.jpg
20170627_123312.jpg (136.06 KiB) Viewed 11467 times
fipvpnrut995.jpg
fipvpnrut995.jpg (123.3 KiB) Viewed 11472 times
suedflughafen
Posts: 2
Joined: Fri 20. Apr 2018, 23:52

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Post by suedflughafen »

Um eine openVPN-Verbindung (FIP-VPN) mit einem Teltonika Router erfolgreich und relativ simple einzurichten sind folgende Schritte notwendig:
Bildschirmfoto 2018-04-20 um 10.20.34.png
Bildschirmfoto 2018-04-20 um 10.20.34.png (147.53 KiB) Viewed 10538 times
Jarosch
Posts: 1
Joined: Sat 5. May 2018, 00:44

FIP-VPN Tunnel unter Teltonika RUT950 funktioniert nicht

Post by Jarosch »

Hallo,

brauche Hilfe bei der Konfiguration des VPN Tunnels.

Code: Select all

Sat May  5 01:10:31 2018 local1.crit luci-reload[12009]: START==1
Sat May  5 01:10:34 2018 local1.crit luci-reload[12053]: START==1
Sat May  5 01:10:36 2018 daemon.warn openvpn(636C69656E745F46495056504E)[8574]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Re-using SSL/TLS context
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: TCP/UDP: Preserving recently used remote address: [AF_INET]185.62.150.17:1195
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Socket Buffers: R=[8388608->8388608] S=[8388608->8388608]
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: UDP link local: (not bound)
Sat May  5 01:10:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: UDP link remote: [AF_INET]185.62.150.17:1195
Sat May  5 01:11:36 2018 daemon.err openvpn(636C69656E745F46495056504E)[8574]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat May  5 01:11:36 2018 daemon.err openvpn(636C69656E745F46495056504E)[8574]: TLS Error: TLS handshake failed
Sat May  5 01:11:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: TCP/UDP: Closing socket
Sat May  5 01:11:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: SIGUSR1[soft,tls-error] received, process restarting
Sat May  5 01:11:36 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Restart pause, 5 second(s)
Sat May  5 01:11:41 2018 daemon.warn openvpn(636C69656E745F46495056504E)[8574]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Re-using SSL/TLS context
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: TCP/UDP: Preserving recently used remote address: [AF_INET]185.62.150.17:1195
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Socket Buffers: R=[8388608->8388608] S=[8388608->8388608]
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: UDP link local: (not bound)
Sat May  5 01:11:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: UDP link remote: [AF_INET]185.62.150.17:1195
Sat May  5 01:12:41 2018 daemon.err openvpn(636C69656E745F46495056504E)[8574]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat May  5 01:12:41 2018 daemon.err openvpn(636C69656E745F46495056504E)[8574]: TLS Error: TLS handshake failed
Sat May  5 01:12:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: TCP/UDP: Closing socket
Sat May  5 01:12:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: SIGUSR1[soft,tls-error] received, process restarting
Sat May  5 01:12:41 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Restart pause, 10 second(s)
Sat May  5 01:12:51 2018 daemon.warn openvpn(636C69656E745F46495056504E)[8574]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Re-using SSL/TLS context
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: TCP/UDP: Preserving recently used remote address: [AF_INET]185.62.150.17:1195
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Socket Buffers: R=[8388608->8388608] S=[8388608->8388608]
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: UDP link local: (not bound)
Sat May  5 01:12:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: UDP link remote: [AF_INET]185.62.150.17:1195
Sat May  5 01:13:36 2018 daemon.info hostapd: wlan0: STA 80:86:f2:b1:a5:2b WPA: group key handshake completed (RSN)
Sat May  5 01:13:47 2018 kern.info kernel: [  852.940000] Ports leds ON 
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd send: 'AT+QCSQ' (8)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd get: '+QCSQ: "LTE",77,-107,174,-10' (28)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd send: 'AT+QCSQ' (8)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd get: '+QCSQ: "LTE",77,-107,174,-10' (28)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd send: 'AT+CPIN?' (9)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd get: '+CPIN: READY' (12)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd send: 'AT+CREG?' (9)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd get: '+CREG: 2,1,"B07D","0CF630D",7' (29)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd send: 'AT+CSQ' (7)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd get: '+CSQ: 18,99' (11)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd send: 'AT+QCSQ' (8)
Sat May  5 01:13:47 2018 local1.info gsmd[6635]: gsmd get: '+QCSQ: "LTE",77,-107,174,-10' (28)
Sat May  5 01:13:48 2018 local1.info gsmd[6635]: gsmd send: 'AT+QCSQ' (8)
Sat May  5 01:13:48 2018 local1.info gsmd[6635]: gsmd get: '+QCSQ: "LTE",77,-107,174,-10' (28)
Sat May  5 01:13:50 2018 local1.crit luci-reload[12703]: START==1
Sat May  5 01:13:51 2018 daemon.err openvpn(636C69656E745F46495056504E)[8574]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat May  5 01:13:51 2018 daemon.err openvpn(636C69656E745F46495056504E)[8574]: TLS Error: TLS handshake failed
Sat May  5 01:13:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: TCP/UDP: Closing socket
Sat May  5 01:13:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: SIGUSR1[soft,tls-error] received, process restarting
Sat May  5 01:13:51 2018 daemon.notice openvpn(636C69656E745F46495056504E)[8574]: Restart pause, 20 second(s)
Sat May  5 01:13:54 2018 local1.crit luci-reload[12754]: START==1
Folgende Einstellungen:
Image

Kann mir jemand helfen?
MichaelWeigel
Posts: 771
Joined: Tue 24. Feb 2015, 11:13

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Post by MichaelWeigel »

Hallo,

bei einem VPN-Tunnel ist die einfache Methode nicht möglich. Sie müssen nach der Anleitung von MadPlayer vorgehen
http://forum.feste-ip.net/viewtopic.php ... b35e#p1157

LG Michael
LG Michael
Tropfen
Posts: 1
Joined: Wed 13. Jun 2018, 09:49

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Post by Tropfen »

Hi all,


ich habe das Problem das er keine Verbindung aufbaut, obwohl ich es nach der Anleitung gemacht habe von MadPlayer.
Bitte hilfe.

Wed Jun 13 07:29:52 2018 daemon.err openvpn(xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)[9147]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.conf:10: dev (2.4.2)
Wed Jun 13 07:29:52 2018 daemon.warn openvpn(xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)[9147]: Use --help for more information.
Wed Jun 13 07:29:55 2018 local1.crit luci-reload[9183]: START==1
Wed Jun 13 07:29:57 2018 daemon.err openvpn(xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)[9187]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.conf:10: dev (2.4.2)
Wed Jun 13 07:29:57 2018 daemon.warn openvpn(xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)[9187]: Use --help for more information.
Wed Jun 13 07:30:02 2018 local1.crit luci-reload[9221]: START==1
Wed Jun 13 07:30:02 2018 daemon.err openvpn(xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)[9222]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.conf:10: dev (2.4.2)
Wed Jun 13 07:30:02 2018 daemon.warn openvpn(xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)[9222]: Use --help for more information.
Wed Jun 13 07:30:02 2018 daemon.info procd: Instance openvpn::instance1 s in a crash loop 6 crashes, 0 seconds since last crash
suedflughafen
Posts: 2
Joined: Fri 20. Apr 2018, 23:52

Re: FIP-VPN Tunnel unter Teltonika RUT955 erstellen

Post by suedflughafen »

Hallo Tropfen,
nimm doch einfach meine Anleitung ein paar Beiträge weiter oben und schon wird's funktionieren ;-)
VG, Alex
Post Reply