Hi there,
Trying out an RV50 for a potential client project. We have an OpenVPN server running; (Windows, Mac, Linux) clients can connect fine using certificates. Everything in the RV50 is set as in our .ovpn files, which work perfectly on the clients.
Here it is:
client
dev tun
proto udp
remote server.tld 1194
float
comp-lzo yes
push "comp-lzo yes"
resolv-retry infinite
nobind
persist-key
persist-tun
verb 3
auth SHA256
cipher AES-256-CBC
ca cacert.pem
cert BenutzerB.pem
key BenutzerB-NOPASS.key
Passphrase was removed for the Key to avoid requesting passwords for the certificate.
In the RV50 OpenVPN-Setting we have
The username/password fields are kept blank because we don’t need them.
And here comes the problem… How to tell the RV50 to connect to the VPN? According to the manual there’s nothing more to do. Apply the policy or reboot and that should be it.
But obviously it is not.
I checked the log and even in verbose mode I can’t see any connection attempt. The VPN server sees an attempt from a device with an undefined CN. But it’s there in the RV50’s settings as you can see in the screenshot above.
Aug 15 16:55:24 warning ALEOS_ALMS_LWM2M: Failed bootstrap, retrying in '40' seconds, '2' left
Aug 15 16:55:25 info ALEOS_SYSTEM_WDlog: Deregister '/tmp/alive/lwm2m_alive'
Aug 15 16:55:38 info ALEOS_SYSTEM_STS: send tunnel command: /usr/sbin/firewall settunnel 1 down> /dev/null 2>&1
Aug 15 16:56:06 info ALEOS_SYSTEM_CSM: Adding All Notification for /lwm2N
Aug 15 16:56:06 info ALEOS_SYSTEM_WDlog: Update Register '/tmp/alive/lwm2m_alive' (max error='2', period='120', action='kill')
Aug 15 16:56:11 info ALEOS_SYSTEM_STS: send tunnel command: /usr/sbin/firewall settunnel 1 down> /dev/null 2>&1
Aug 15 16:56:14 warning ALEOS_ALMS_LWM2M: Failed bootstrap, retrying in '80' seconds, '1' left
Aug 15 16:56:15 info ALEOS_SYSTEM_WDlog: Deregister '/tmp/alive/lwm2m_alive'
Aug 15 16:56:35 info ALEOS_SYSTEM_WDlog: Deregister '/tmp/alive/lwm2m_alive'
Aug 15 16:56:38 info ALEOS_SYSTEM_WDlog: Register '/tmp/alive/msci_alive' (max error='2', period='300', action='kill')
Aug 15 16:56:38 info ALEOS_SYSTEM_CSM: Adding All Notification for /ANup
Aug 15 16:56:44 info ALEOS_SYSTEM_STS: send tunnel command: /usr/sbin/firewall settunnel 1 down> /dev/null 2>&1
Aug 15 16:57:16 info ALEOS_SYSTEM_STS: send tunnel command: /usr/sbin/firewall settunnel 1 down> /dev/null 2>&1
Aug 15 16:57:49 info ALEOS_SYSTEM_STS: send tunnel command: /usr/sbin/firewall settunnel 1 down> /dev/null 2>&1
Aug 15 16:58:22 info ALEOS_SYSTEM_STS: send tunnel command: /usr/sbin/firewall settunnel 1 down> /dev/null 2>&1
Aug 15 16:58:55 info ALEOS_SYSTEM_STS: send tunnel command: /usr/sbin/firewall settunnel 1 down> /dev/null 2>&1
Aug 15 16:59:28 info ALEOS_SYSTEM_STS: send tunnel command: /usr/sbin/firewall settunnel 1 down> /dev/null 2>&1
Aug 15 17:00:00 info ALEOS_SYSTEM_STS: send tunnel command: /usr/sbin/firewall settunnel 1 down> /dev/null 2>&1
In VPN-Configuration both outgoing (Management and Host) are allowed.
Just to make sure there’s nothing blocked by the cellular provider used for this test: connecting a laptop to the RV50’s Ethernet port and firing up OpenVPN connects instantly.
Firmware is 4.8.0. There is a 4.8.1 on the website but only for North America. It’s EMEA here.
I do believe I’m missing something…
Any hints, folks?
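
An added example, not part of the original post: a small Python audit of the client configuration posted above, useful before re-entering the same settings on another OpenVPN client. It flags the `push` line (a server-mode directive), the enabled `comp-lzo` compression, and the absence of any server certificate check such as `remote-cert-tls server`; the function names and finding codes are this example's own.

```python
POSTED_CONFIG = """\
client
dev tun
proto udp
remote server.tld 1194
float
comp-lzo yes
push "comp-lzo yes"
resolv-retry infinite
nobind
persist-key
persist-tun
verb 3
auth SHA256
cipher AES-256-CBC
ca cacert.pem
cert BenutzerB.pem
key BenutzerB-NOPASS.key
"""

# Directives that belong to OpenVPN server mode, not to a client profile.
SERVER_ONLY = {"push", "server", "client-to-client", "ifconfig-pool", "client-config-dir"}
# Any one of these makes the client check the server certificate's role or name.
SERVER_CHECKS = {"remote-cert-tls", "verify-x509-name", "remote-cert-eku", "ns-cert-type"}

def parse(text):
    """Return [(lineno, directive, args)], skipping blank and #/; comment lines."""
    out = []
    for n, raw in enumerate(text.splitlines(), 1):
        parts = raw.split(None, 1)
        if not parts or parts[0][0] in "#;":
            continue
        out.append((n, parts[0].lower(), parts[1].strip() if len(parts) > 1 else ""))
    return out

def audit(text):
    """Return [(lineno, code, message)]; lineno 0 means the finding is file-wide."""
    entries = parse(text)
    names = {name for _, name, _ in entries}
    findings = []
    for n, name, args in entries:
        if name in SERVER_ONLY and "client" in names:
            findings.append((n, "server-only", f"'{name}' is a server-mode directive"))
        if name == "comp-lzo" and args != "no":  # deprecated upstream; compression is discouraged
            findings.append((n, "compression", f"'comp-lzo {args}'.strip() + ' enables compression'"))
    if not names & SERVER_CHECKS:
        findings.append((0, "no-server-check", "server certificate role/name is not verified"))
    return findings
```

Calling `audit(POSTED_CONFIG)` returns one finding each for lines 6 and 7 plus the file-wide missing server check.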