Ubuntu OpenVPN Server and Industrial VPN Router OpenVPN Client :

There is a setting on the eWON that discards pings by default on the WAN side. You can change this setting in the comcfg.txt file.
image
Default is “3” which discards pings. Change to “1” or “2” to reply to pings.

Hi Kyle ,

Thanks for the reply . I checked the setting for WANItf Prot . Its 1 there .

Thanks

I’m sorry, I mis-typed. Default is 1 and discards pings. Please change to 2 or 3.

Now in ewon real time logs following error is remaining :-

echo “deb http://swupdate.openvpn.net/apt <OSRELEASE> main” > /etc/apt/sources.list.d/swupdate.openvpn.net.list

And I cannot ping the ewon VPN IP Address 10.8.0.6 from the ubuntu server .

Please assist !

Thanks

Using our device with 3rd party software (anything other than eCatcher or eFive) is currently not supported, however we do have plans to release instructions for configuring with OpenVPN in the future. I would refer you to your local distributor in the meantime. Was this device purchased in India?

Hi @ssmanku1699,

Here is the first draft of our instructions for connecting the eWON with an OpenVPN server instead of eCatcher. We have successfully tested these in a lab setting (using VirtualBox as in the instructions) and on Microsoft Azure, but there was some troubleshooting involved that may not be fully described in the document. You should expect to do some troubleshooting depending on your local environment and keep in mind that we are still in the early stages of testing this configuration. We don’t recommend using this configuration as-is in a production environment, and significant security hardening should be done before deploying.

openVPN App Note Rev1.pdf (268.1 KB)

client.ovpn (251 Bytes)
server.conf (11.0 KB)
vars (8.2 KB)

Kyle

Thanks so much Kyle . I will try out to configure exactly the way mentioned in your shared docs . If I stuck somewhere , get back to you .

1 Like

Hi kyle,
I tried to connect eWON with third party software. For that i refer document following by openVPN App Note Rev1.pdf. I am using amazon server as ubuntu server. But when i run scp command to transfer server.req to my local CA machine it gives me error like permission denied(publickey,password).

Please do needful help,thank you in advance.

When you run the scp command on what? The eWON or the server?

When i run scp command for transferring the file from my machine to server(Amazon ubuntu server) it is running. But when i use scp command for transferring the file from my server (Amazon ubuntu server) to machine,it gives me error like permission denied (publickey,password).

Hi Kyle,

when i start openvpn server with following command systemctl start openvpn@server
it gives me error like

OpenSSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

Cannot load private key file /etc/openvpn/server.key

Error: private key password verification failed

Exiting due to fatal error

How can i resolve this?

Thank you in advance

The scp issue is a permissions issue. When you say your machine, is this a Linux or Windows PC? Either way you need to give write permission to the Amazon server to write to your machine.

This OpenSSL error is happening because you put a password on your private key. Please create a new key without a password.

Thank you so much kyle. If I stuck somewhere , get back to you .

Hi kyle,

I done all the configurations according to openVPN App Rev1 Document. But after completing all the steps i found in ewon summary page the status of the vpn is not configured.

one confusion is what should i select in Setup>System>Communications>Networking>VPN Connection>Outgoing

There is one option in outgoing page named Connect to…What should I select in that configuration.

Other EWON/VPN Server/Efive VPN Server

For better understanding I attached one image of this page.

Thank you in advance

I"m sorry about the delay…

Remote VPN WAN… looks correct (Defined Manually)

Connect to … should be VPN Server and contain your Keys.

Did you check the Logs? Are your keys right or is it not connecting to the VPN server?

Yes, my keys are right but it does not connect to the VPN Server. After adding certificates files in Flexy /usr directory, you mention in last step reboot the flexy. On reboot page what should i select None/Enable Remote Wizard.

I tested with None and click on reboot. After rebooting the flexy i go to summary page and checked VPN Status. It is still show Not configured.

Please tell me the above step that i have performed is okay or not.

Hi kyle,
I have attached one document regarding difficulties found in flexy.

Please revert me. Thank you in advance.

Findind difficulties in flexy.docx (256 KB)

None. You just need to reboot or power cycle the Flexy.

In the Word doc you sent you say, “After putting that configuration files in flexy GUI, I have facing one difficulty that when I refresh the browser page, my private key will automatically changed.” The key has not changed, it is just hashed so that it is not showing in “plain text” for security reasons.

You are missing the following line from you server.conf file:

ns-cert-type client

If this does not help, can you please share the logs from both the Server and clients.

Thank you,

Kyle

Do u have your skype id that we can have conversations faster ?