Hey All, I have a number of RV50’s that are registered with ALMS. It is the only means that I have configuration them since they are on LTE connections without static IP addresses. I now want to set up an OpenVPN client on them but unfortunately there doesn’t seem to be a way to create a template and have it upload the CA, client cert, and client key necessary to complete the configuration.
In an effort to gain access to the local devices I decided to get an IPSec VPN going since that is configurable through ALMS without any limitation like not being able to upload certificates for OpenVPN. I am still having issues however. Here is what I’ve done…
I set up an RV50 to use ethernet as the WAN and put it on a publicly accessible IP. I changed the local subnet to 192.168.15.0/24 and set up IPSec. (See attached screenshots).
The other RV50 has a dynamic IP address but At&t is assigning an internal 10.x.x.x as it’s WAN address so it is NOT publicly accessible. I mention this because the logs are referencing the 10.x.x.x address instead of the actual WAN IP address and I think this is what is causing the issue. I’ve tried setting the ID’s to IP, FQDN, and User FQDN with every possible combination. Seems like the RV50’s are still wanting to use the IP for ID’s though I’m not sure what I am looking at.
I’ve attached logs and screenshots of my set up for both. If anyone could help, it would be appreciated. I have devices consuming data that I need to get under control quickly.
It is currently not possible to load an Open VPN Client/Server Certificate Key via ALMS template. This feature is currently under review and we will update the forum accordingly once further info are available.
Your issue with the IPsec tunnel has been relayed to the appropriate support channel which should be contacting you shortly. We appreciate your patience.
Any update to this? I am just finding this feature was “under review” in 2017, but I am trying to configure an OpenVPN remotely and it’s just not possible, which is a blocker for deploying OpenVPN.