702
edits
Changes
→Connecting to your RMS VPN Hub
RMS VPN is a service designed for remote efficient, low-cost management of large-scale networks. As opposed to point-to-point VPN service, RMS VPN allows creating encrypted VPN tunnels for secure access of multiple endpoints within a matter of seconds. Let's illustrate with some examples.
RMS VPN is a service designed for remote efficient, low-cost management of large-scale networks. As opposed to point-to-point VPN service, RMS VPN allows creating encrypted VPN tunnels for secure access of multiple endpoints within a matter of seconds. Let's illustrate with some examples.
[[Media:RMS VPN tunnel 1280 v1.png|800px|center]]
[[File:RMS VPN tunnel 1280 v1.png|800px|border|class=tlt-border]]
Manufacturing facilities or plants use various PLCs and HMIs running on different protocols. The growing automation trends of such entities require enabling remote access due to increasing efficiency, reducing downtime, and optimizing costs. Using RMS VPN allows secure remote access to multiple applications simultaneously regardless of their protocol, checking and changing configurations, and completing other essential tasks.
Manufacturing facilities or plants use various PLCs and HMIs running on different protocols. The growing automation trends of such entities require enabling remote access due to increasing efficiency, reducing downtime, and optimizing costs. Using RMS VPN allows secure remote access to multiple applications simultaneously regardless of their protocol, checking and changing configurations, and completing other essential tasks.
2. Click Add route button to set up a new route.
2. Click Add route button to set up a new route.
[[File:RMS Add Route.png|class=tlt-border]]
[[File:RMS Add Route.png|border|class=tlt-border]]
3. From Auto Scan, select your specific device. Or alternatively use the manual tab.
3. From Auto Scan, select your specific device. Or alternatively use the manual tab.
[[File:Auto Scan RMS.png|class=tlt-border]]
[[File:Auto Scan RMS.png|border|class=tlt-border]]
4. To implement the changes, you must Restart the hub.
4. To implement the changes, you must Restart the hub.
[[File:RMS restart HUB.png|class=tlt-border]]
[[File:RMS restart HUB.png|border|class=tlt-border]]
===Downloading OVPN configuration file===
===Downloading OVPN configuration file===
1. In the Actions column, click on the Download icon.
1. In the Actions column, click on the Download icon.
[[File:Download Icon OVPN.png|class=tlt-border]]
[[File:Download Icon OVPN.png|border|class=tlt-border]]
2. Your PC will download .OVPN configuration file.
2. Your PC will download .OVPN configuration file.
===Connecting to your RMS VPN Hub===
===Connecting to your RMS VPN Hub===
----
----
1. To connect, you can use [https://openvpn.net/client-connect-vpn-for-windows/ OpenVPN Connect software]. Or any other alternative OpenVPN software. <br>
====RMS VPN app====
[[File:Rmsvpnvideo.mp4|thumb|Connecting to VPN via RMS VPN application]]
We have an official Teltonika RMS VPN application using which you will not be hassled by downloading config files, instead just logging in and you're just one click away of being connected to your VPN hub.
More information about the app is available [[RMS VPN App|'''here''']].
----
====OpenVPN Client====
1. Or alternatively, to connect, you can use [https://openvpn.net/client-connect-vpn-for-windows/ OpenVPN Connect software]. Or any other alternative OpenVPN software. <br>
2. To establish a connection import your .OVPN file. and click Connect.
2. To establish a connection import your .OVPN file. and click Connect.
[[File:OVPN import.png|class=tlt-border]]
[[File:OVPN import.png|border|class=tlt-border]]
3. You have successfully connected to your RMS VPN hub, now you can reach your remote device.
3. You have successfully connected to your RMS VPN hub, now you can reach your remote device.
[[Category:RMS VPN]]
[[Category:RMS VPN]]
== LAN to LAN communication==
To set up LAN to LAN communication via RMS VPN Hub, you would need some additional configuration. As shown in the topology below, we are going to set up communication between two end devices connected to Teltonika Networks routers, which are RMS VPN clients.
[[File:Vpnhubstopology.jpg|700px|border|class=tlt-border]]
The topology above contains two Teltonika routers ('''RUT1''' and '''RUT2''') with two end devices ('''END1''' and '''END2'''), each connected to a separate router's LAN. Both routers are added to the same RMS VPN Hub as RMS VPN clients. When this configuration is completed, not only will the two routers be able to communicate with each other, but the end devices will also be reachable to one another and from each router.
=== Adding VPN Clients===
----
To start, you would need to set up a VPN Hub as shown in the previous example. Once the Hub is set up and two RMS devices are added to the Hub, the clients tab should look like this:
[[File:RMS Clients tab.png|700px|border|class=tlt-border]]
=== Adding Routes===
----
Before adding routes to end devices, we have to enable the LAN forwarding feature. LAN forwarding modifies Firewall Zone covering RMS VPN, to allow VPN traffic to reach end device's LAN network. If you were to enable WAN forwarding, you would be able to reach end point connected to the device's WAN port. To enable forwarding, follow these steps:
* Click on the Hub and navigate to the '''Routes''' section.
* In the '''Clients''' tab, click on the LAN toggle to enable forwarding.
Client with enabled LAN forwarding should look like this:
[[File:RMS Lan forwarding.png|border|class=tlt-border]]
The next step is to add Routes to the end devices. Follow these steps to add routes:
*Navigate to the '''Routes''' section.
*Press '''Add Route''' button to open an additional menu.
*You could choose from either '''Auto Scan''' or '''Manual''' add route method. In this example, we are using '''Auto Scan'''.
*To add a route, select an RMS device from the list and press '''Scan Device'''.
*The procedure scans all devices that are connected to '''RUT1''' LAN.
[[File:RMS Route to end device.png|border|class=tlt-border]]
Once the scan is completed, follow the steps to continue:
*Select the end device‘s IP address (in this example 192.168.1.211) and press add.
*In this configuration, we are going to need to add routes in both '''RUT1''' and '''RUT2'''.
*To add a route to the '''RUT2''' network end device, just follow the procedure above.
Once both routes are added, '''restart the RMS Hub'''. If you have completed the steps correctly, the routes tab should look like this:
[[File:RMS both routes.png|border|class=tlt-border]]
=== Modifying Firewall Zones===
----
For the end devices to be able to reach each other, we are going to need to modify Firewall zones in both '''RUT1''' and '''RUT2'''. Follow these steps to edit Firewall zones:
*Navigate to '''Network -> Firewall -> General settings'''.
*In the zones section, click the edit button on LAN zone:
[[File:Newfilelan.png|950px|border|class=tlt-border]]
*In the '''Inter-Zone Forwarding''' section, click on '''Allow forwarding to destination zones''' and select '''rms''' (for example, rms_xzkEgQ: openvpn). This allows traffic from LAN to reach RMS VPN.
[[File:Forwardingzoneslan.png|450px|border|class=tlt-border]]
After clicking on '''Save & Apply''' for both routers, the setup is completed and the LAN to LAN communication between devices should work.
=== Testing the configuration===
----
As with any other configuration, it is always wise to test the setup in order to make sure that it works properly. To test LAN to LAN communication via RMS Hub, we could try to '''ping''' one end device from the other.
Pinging '''END2''' from '''END1''':
[[File:Ping to END2 device.png|border|class=tlt-border]]
Pinging '''END1''' from '''END2''':
[[File:Ping to END1 device.jpg|border|class=tlt-border]]
If the ping requests are successful, congratulations, your setup works. If not, we suggest that you review all the steps once more.