Posts: 88
Threads: 15
Joined: Sep 2019
Reputation:
1
Hello, is there any way to connect to the logic machine home page to access the apps without having to redirect the http port on the local router?
That is, if as an integrator (installer) I want to access the logic machine page to change a script or to see the status of KNX objects, how can I do it without redirecting port 80 (http)?
Thank you very much.
Posts: 7763
Threads: 42
Joined: Jun 2015
Reputation:
447
The only solution for now is to use a router with VPN support. This solution is more secure than port forwarding. Next firmware will have support for VPN client but for this you will need your own VPN server. We will provide a tutorial on how to run it yourself by using a cheap virtual server.
Posts: 88
Threads: 15
Joined: Sep 2019
Reputation:
1
I have a Mikrotik router with a VPN server on my network, that would not be a problem, but the ideal would be to have a VPN client in the LM.
The VPN solution is something I have thought of, but I think it is very intrusive to the customer. Think that connecting via VPN to the installation gives me access to the client's network and I think that is not entirely legal.
So I am asking for some way to ONLY access the LM without doing port forwarding.
Thank you.
Posts: 88
Threads: 15
Joined: Sep 2019
Reputation:
1
Awesome thanks.
I am going to try.
Posts: 7763
Threads: 42
Joined: Jun 2015
Reputation:
447
Please send your configuration file via PM
Posts: 88
Threads: 15
Joined: Sep 2019
Reputation:
1
Ok, I just sent it to you.
Thank you.
Posts: 88
Threads: 15
Joined: Sep 2019
Reputation:
1
Ok,
Now, in the OpenVPN status page:
It tells me that there is an error:
Wed Apr 15 16:50:38 2020 neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Private Key Password:'. If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.
Posts: 7763
Threads: 42
Joined: Jun 2015
Reputation:
447
The problem is that your private key has a password set. This will not work, try creating new config where key does not have a password.
Posts: 7763
Threads: 42
Joined: Jun 2015
Reputation:
447
I've updated my post, the issue is of different sort.
Posts: 7763
Threads: 42
Joined: Jun 2015
Reputation:
447
Unfortunately this looks like a common Mikrotik issue with OpenVPN server. This might be due to older server version on Mikrotik or something else.
Posts: 88
Threads: 15
Joined: Sep 2019
Reputation:
1
Impossible to connect LM with mikrotik, I have been trying to see the problem for two days and I have not succeeded.
It gives me error in TLS negotiation.
Fri Apr 17 13:53:49 2020 SIGUSR1 [soft, tls-error] received, process restarting
Fri Apr 17 13:53:49 2020 TLS Error: TLS handshake failed
Fri Apr 17 13:53:49 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network
I don't know what to try.
In the mikrotik LOG there are no errors.