Deploying a connector on a Teltonika (RutOS) compatible router
Overview
You can configure a Teltonika compatible router for network connector deployment. You must use specific sections from the OpenVPN Cloud connector profile and apply them to the associated router settings.
Steps: Download the connector profile
- Sign in to the OpenVPN Cloud administration portal at https://cloud.openvpn.com.
- Access Networks and open your router network.
- Click on the download icon for the connector.
- Click Select Where to Deploy and select Deploy Connector.
- Select Teltonika router.
- Click Download OVPN Profile and save it on your local computer.
Steps: Configure the Teltonika router
- Sign in to the Teltonika router UI.
- Access Services > VPN
- Click to select Client as the Role, add a name, and click Add New.
- Click Edit for the newly created profile.
- Set these parameters on the Main Settings screen.
Parameter | Value |
---|---|
Enable OpenVPN config from file | Disable |
Enable | Enable |
TUN/TAP | TUN(Tunnel) |
Protocol | UDP |
Port | 1194 |
LZO | Disable |
Authentication | TLS |
Encryption | AES-256-CBC-256 |
TLS cipher | All |
Remote host/IP address | Open the .ovpn profile in a text editor, and copy and paste the host address. |
Resolve retry | Infinite |
Keep alive | A helper directive designed to simplify the expression of –ping and –ping-restart. This option can be used on both the client and server side, but it is enough to add this on the server side because it will push appropriate –ping and –ping-restart options to the client. If used on both server and client, the values pushed from the server will override the client local values. |
Remote network IP address | Network IP Address |
Remote network IP netmask | Network subnet mask |
HMAC authentication algorithm | SHA256 |
Additional HMAC authentication | Authentication only (tls-auth) |
HMAC authentication key | 1. In the .ovpn profile, copy the content between the <tls-auth> and </tls-auth> tags and paste them into a new file. 2. Be sure that you include all of the —–BEGIN OpenVPN Static key V1—– and —–END OpenVPN Static key V1—– lines in the new file. There should be a total of two such lines. 3. When copying the contents into a new file, be sure to delete the starting <tls-auth> tag and the ending </tls-auth> tag. 4. Save the new file with a .key extension and upload it. |
HMAC key direction | 1 |
Extra options | Not filed |
Use PKCS #12 format | Disable |
Certificate authority | 1. In the .ovpn profile, copy the content between the <ca> and </ca> tags and paste them into a new file. 2. Be sure that you include all of the —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– lines in the new file. There should be a total of four such lines. 3. When copying the contents into a new file, be sure to delete the starting <ca> tag and the ending </ca> tag. 4. Save the new file with a .crt extension and upload it. |
Client certificate | 1. In the .ovpn profile, copy the content between the <cert> and </cert> tags and paste them into a new file. 2. Be sure that you include all of the —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– lines in the new file. There should be a total of two such lines. 3. When copying the contents into a new file, be sure to delete the starting <cert> tag and the ending </cert> tag. 4. Save the new file with a .crt extension and upload it. |
Client key | 1. In the .ovpn profile, copy the content between the <key> and </key> tags and paste them into a new file. 2. Be sure that you include all of the —–BEGIN RSA PRIVATE KEY—– and —–END RSA PRIVATE KEY—– lines in the new file. There should be a total of two such lines. 3. When copying the contents into a new file, be sure to delete the starting <key> tag and the ending </key> tag. 4. Save the new file with a .key extension and upload it. |
Private key decryption password (optional) | Not required |
- Save your changes, and restart the VPN connection.
- Access Services > VPN and check that the configuration is enabled.
- Access Status > Network > OpenVPN and check that the status is Connected.