Deploying a connector on a Teltonika (RutOS) compatible router

Overview

You can configure a Teltonika compatible router for network connector deployment. You must use specific sections from the OpenVPN Cloud connector profile and apply them to the associated router settings.

Steps: Download the connector profile

1. Sign in to the OpenVPN Cloud administration portal at https://cloud.openvpn.com.
2. Access Networks and open your router network.
3. Click on the download icon for the connector.
4. Click Select Where to Deploy and select Deploy Connector.
5. Select Teltonika router.
6. Click Download OVPN Profile and save it on your local computer.
   

Steps: Configure the Teltonika router

1. Sign in to the Teltonika router UI.
2. Access Services > VPN
   
   
3. Click to select Client as the Role, add a name, and click Add New.
   
   
4. Click Edit for the newly created profile.
   
   
5. Set these parameters on the Main Settings screen.
   
   

Parameter	Value
Enable OpenVPN config from file	Disable
Enable	Enable
TUN/TAP	TUN(Tunnel)
Protocol	UDP
Port	1194
LZO	Disable
Authentication	TLS
Encryption	AES-256-CBC-256
TLS cipher	All
Remote host/IP address	Open the .ovpn profile in a text editor, and copy and paste the host address.
Resolve retry	Infinite
Keep alive	A helper directive designed to simplify the expression of –ping and –ping-restart. This option can be used on both the client and server side, but it is enough to add this on the server side because it will push appropriate –ping and –ping-restart options to the client. If used on both server and client, the values pushed from the server will override the client local values.
Remote network IP address	Network IP Address
Remote network IP netmask	Network subnet mask
HMAC authentication algorithm	SHA256
Additional HMAC authentication	Authentication only (tls-auth)
HMAC authentication key	1. In the .ovpn profile, copy the content between the <tls-auth> and </tls-auth> tags and paste them into a new file. 2. Be sure that you include all of the —–BEGIN OpenVPN Static key V1—– and —–END OpenVPN Static key V1—– lines in the new file. There should be a total of two such lines. 3. When copying the contents into a new file, be sure to delete the starting <tls-auth> tag and the ending </tls-auth> tag. 4. Save the new file with a .key extension and upload it.
HMAC key direction	1
Extra options	Not filed
Use PKCS #12 format	Disable
Certificate authority	1. In the .ovpn profile, copy the content between the <ca> and </ca> tags and paste them into a new file. 2. Be sure that you include all of the —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– lines in the new file. There should be a total of four such lines. 3. When copying the contents into a new file, be sure to delete the starting <ca> tag and the ending </ca> tag.  4. Save the new file with a .crt extension and upload it.
Client certificate	1. In the .ovpn profile, copy the content between the <cert> and </cert> tags and paste them into a new file. 2. Be sure that you include all of the —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– lines in the new file. There should be a total of two such lines. 3. When copying the contents into a new file, be sure to delete the starting <cert> tag and the ending </cert> tag.  4. Save the new file with a .crt extension and upload it.
Client key	1. In the .ovpn profile, copy the content between the <key> and </key> tags and paste them into a new file. 2. Be sure that you include all of the —–BEGIN RSA PRIVATE KEY—– and —–END RSA PRIVATE KEY—– lines in the new file. There should be a total of two such lines. 3. When copying the contents into a new file, be sure to delete the starting <key> tag and the ending </key> tag.  4. Save the new file with a .key extension and upload it.
Private key decryption password (optional)	Not required

6. Save your changes, and restart the VPN connection.
7. Access Services > VPN and check that the configuration is enabled.
8. Access Status > Network > OpenVPN and check that the status is Connected.