I'm trying to connect my RUT950 router to my VPN server. I have configured the server and have connected from other clients but i'm struggling with the correct configuration on the RUT950. Would somebody be able to point me in the direction of which fields are required from my ovpn file please as i'm pulling my hair out. The settings on the RU950 (with the settings i have applied) are:
TUN/TAP: TUN
Protocol: UDP
Port: 1701
LZO: Off
Encryption: AES-256-CBC 256
Authentication: TLS/Password
TLS cipher: All
Remote host/IP address: *hidden*
Resolve retry: infinite
Keep alive: 10 120
Remote network IP address: 10.8.0.0
Remote network IP netmask: 255.255.255.0
Max routes: 100
User name: *hidden*
Password: *hidden*
Extra options: Empty
HMAC authentication algorithm: SHA256
Additional HMAC authentication: Off
Certificate authority: Taken from <ca>
Client certificate: Taken from <cert>
Client key: Taken from <key>
My ovpn file is as follows:
client
dev tun
proto udp
remote *hidden* 1701
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
tls-version-min 1.2
verify-x509-name server_OglEyuodfvWJvHDk name
cipher AES-256-CBC
auth SHA256
compress lz4
verb 3
<ca>
*hidden*
</ca>
<cert>
*hidden*
</cert>
<key>
*hidden*
</key>
<tls-crypt>
*hidden*
</tls-crypt>
Any help would be greatly appreciated. I'm guessing my problem is something to do with not applying the <tls-crypt> in my RUT950 settings?
TIA
Chris
Configuring RUT950 from ovpn file
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
chris.ryan
- OpenVpn Newbie
- Posts: 2
- Joined: Thu Aug 16, 2018 5:55 pm
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Configuring RUT950 from ovpn file
You cannot use --tls-crypt if your router does not support it ..
-
chris.ryan
- OpenVpn Newbie
- Posts: 2
- Joined: Thu Aug 16, 2018 5:55 pm
Re: Configuring RUT950 from ovpn file
Ok, thanks. Should it just be a case of changing tls-crypt to tls-auth in my server.config or is there more to it than that? Does the rest of the config look correct?
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Configuring RUT950 from ovpn file
As a general rule, ALL options must be matched on either side of the VPN.
The exception of Certificate and key, which must be unique to each node.
(unless over ridden by --duplicate-cn)
Please see the various --tls-* options in the manual.
Start here:
HOWTO: For OpenVPN Community Edition
For help Please see:
HOWTO: Request Help ! {2}
(Note: log files)
The exception of Certificate and key, which must be unique to each node.
(unless over ridden by --duplicate-cn)
Please see the various --tls-* options in the manual.
Start here:
HOWTO: For OpenVPN Community Edition
For help Please see:
HOWTO: Request Help ! {2}
(Note: log files)