Below you will find instructions for setting up the OpenVPN client of a Teltonika router with RutOS7 firmware for using the IP services 'mdex fixed.IP+ via OpenVPN' (securtiy level 30) and 'mdex public.IP via OpenVPN' (security level 30).
Please note that the OpenVPN data throughput depends significantly on the processor performance of the router. The achievable bandwidth is significantly higher with the RUTX models than with the RUT2 or RUT9 models.
Set up OpenVPN client on the Teltonika router
Only the necessary steps to commission the OpenVPN client are described here, not all other router settings for the respective use case.
- First, download the respective OpenVPN configuration file using 'right-click -> Save target as...':
- For 'mdex fixed.IP+': mdex fixed.IP30 Router.ovpn (right-click -> Save target as...)
- For 'mdex public.IP': mdex public.IP30 Router.ovpn (right-click -> Save target as...)
- Log in to the router's web interface.
- It is recommended to perform a firmware update to the latest version. Further information can be found under Update firmware of the Teltonika router's router/modem.
-
Add the OpenVPN client according to the specifications of the respective firmware version:
From firmware version R_00.07.16 - Under Services -> VPN -> OpenVPN add the OpenVPN client with 'Add':
- Import the previously downloaded OpenVPN configuration file with the following settings at 'OpenVPN configuration file' in the router and add it with 'Save & Apply'.
- Now click 'Edit' on the OpenVPN client, then select the option 'Password' under Authentication and click 'Save & Apply' at the bottom:
- Click 'Edit' again on the OpenVPN client, enter the username and password of the desired OpenVPN device under Security configuration and click 'Save & Apply' at the bottom:
Up to firmware version R_00.07.06 - Under Services -> VPN -> OpenVPN select the role 'Client' and additionally set a name under 'New configuration name', for example fixedIP or publicIP:
- Import the previously downloaded OpenVPN configuration file with the following settings at 'OpenVPN configuration file' in the router. The OpenVPN access data of the desired OpenVPN device must be entered under 'Username' and 'Password':
- Under Services -> VPN -> OpenVPN add the OpenVPN client with 'Add':
- The OpenVPN client has been set up and now establishes a connection to the mdex OpenVPN server.
- Under Network -> Firewall -> Zones (from firmware R_00.07.16), or Network -> Firewall -> General Settings (up to firmware R_00.07.06) set the openvpn zone's Input to 'Reject':
If the 'openvpn' Input zone remains set to 'Accept', all router services are publicly accessible, which poses a significant security risk, especially when using a public IP address (mdex public.IP)!
- To make the router and the devices connected to it remotely accessible via 'mdex fixed.IP+' or 'mdex public.IP', openvpn must be set as the Source zone for all rules for remote router access and port forwarding:
- Under Network -> Firewall -> Traffic Rules edit the relevant rules 'Enable_HTTP_WAN' (for HTTP remote access), or 'Enable_HTTPS_WAN' (for HTTPS remote access) by clicking 'Edit' and set Source zone to openvpn. Further information on enabling remote access can be found here.
- Under Network -> Firewall -> Port Forwards edit the port forwards with 'Edit' and set Source zone to openvpn. Further information on setting up port forwarding can be found here.