Skip to main content

Tutorial: Configure a Teltonika Router To Connect to CloudConnexa

Abstract

This tutorial contains instructions on how to use a Teltonika router and configure it to use a Connector profile to connect to CloudConnexa and make the network part of your WPC.

Introduction

You can configure a Teltonika-compatible router for Network Connector deployment. You must use specific sections from the OpenVPN Connector Profile and apply them to the associated router settings.

Downloading the Connector profile

Sign in to the CloudConnexa Administration portal at https://cloud.openvpn.com.

  1. Navigate to Networks.

  2. Select Networks.

  3. Click the name of the router Network.

  4. Click the Connectors tab.

  5. Click the Deploy drop-down menu of the Connector you wish to modify.

  6. Select Deploy Connector.

  7. Click Connector Type drop-down menu.

  8. Select Teltonika.

  9. Click Download OVPN Profile.

Alternatively, you may download the profile by clicking the Network name, and the edit icon for the Network.

Or from the Connectors menu.

Configuring the Teltonika router

  1. Sign in to the Teltonika router UI.

  2. Access Services > VPN

    teltonika_1.png
  3. Click to select Client as the Role, add a name, and click Add New.

    teltonka_2.png
  4. Click Edit for the newly created Profile.

    teltonika_3.png
  5. Set these parameters on the Main Settings screen.

    teltonika_4.png
    teltonika_5a.png

    Parameter

    Value

    Enable OpenVPN config from file

    Disable

    Enable

    Enable

    TUN/TAP

    TUN(Tunnel)

    Protocol

    UDP

    Port

    1194

    LZO

    Disable

    Authentication

    TLS

    Encryption

    AES-256-CBC-256

    TLS cipher

    All

    Remote Host/IP address

    Open the .ovpn Profile in a text editor, and copy and paste the Host address.

    remote host ip.png

    Resolve retry

    Infinite

    Keep alive

    A helper directive designed to simplify the expression of –ping and –ping-restart. This option can be used on both the client and server side, but it is enough to add this on the server side because it will push appropriate –ping and –ping-restart options to the client. If used on both server and client, the values pushed from the server will override the client local values.

    Remote Network IP address

    Network IP Address

    Remote Network IP netmask

    Network subnet mask

    HMAC authentication algorithm

    SHA256

    Additional HMAC authentication

    Authentication only (tls-auth)

    HMAC authentication key

    1. In the .ovpn Profile, copy the content between the<tls-auth> and </tls-auth> tags and paste them into a new file.

    2. Be sure that you include all of the --- BEGIN OpenVPN Static key V1---­ and ---END OpenVPN Static key V1--- lines in the new file. There should be a total of two such lines.

    3. When copying the contents into a new file, be sure to delete the starting <tls-auth> tag and the ending </tls-auth> tag.

    4. Save the new file with a .key extension and upload it.

    HMAC key direction

    1

    Extra options

    Not filed

    Use PKCS #12 format

    Disable

    Certificate authority

    1. In the .ovpn Profile, copy the content between the <ca> and </ca> tags and paste them into a new file.

    2. Be sure that you include all of the ---BEGIN CERTIFICATE--- and ---END CERTIFICATE--- lines in the new file. There should be a total of four such lines.

    3. When copying the contents into a new file, be sure to delete the starting <ca> tag and the ending </ca> tag.

    4. Save the new file with a .crt extension and upload it.

    Client certificate

    1. In the .ovpn Profile, copy the content between the <cert> and </cert> tags and paste them into a new file.

    2. Be sure that you include all of the ---BEGIN CERTIFICATE--- and ---END CERTIFICATE--- lines in the new file. There should be a total of two such lines.

    3. When copying the contents into a new file, be sure to delete the starting <cert> tag and the ending </cert> tag.

    4. Save the new file with a .crt extension and upload it.

    Client key

    1. In the .ovpn Profile, copy the content between the <key> and </key> tags and paste them into a new file.

    2. Be sure that you include all of the ---BEGIN RSA PRIVATE KEY--- and ---END RSA PRIVATE KEY--- lines in the new file. There should be a total of two such lines.

    3. When copying the contents into a new file, be sure to delete the starting <key> tag and the ending </key> tag.

    4. Save the new file with a .key extension and upload it.

    Private key decryption password (optional)

    Not required

  6. Save your changes, and restart the WPC connection.

  7. Navigate to Services > WPC and check that the configuration is enabled.

  8. Navigate to Status > Network > OpenVPN and check that the status is Connected.