Titan – AN16: OpenVPN – Client & Server

Scene Details

It is intended to link a Server PC from a central office with 3 remote PLCs through an OpenVPN network. This will use a Titan router to provide connectivity to both the server PC and remote PLCs.

Let\’s see it in the following example:

Basically with this example it is intended to have access from the Server PC to any of the remote PLCs, and vice versa, to access the Server PC from any of the remote PLCs. That is to say, at the end of this example we will see how, if the server PC performs a PING to the IP addresses 192.168.11.1, 192.168.12.1 or 192.168.13.1, we will have a response. And vice versa, if from any PLC we do a PING to 192.168.1.1 we will also have a response.

Configurations and Prerequisites

The basic requirement is that the SIM address of the Titan router that makes the OpenVPN Server function have a public and static IP address. The SIM cards of the remaining Titan routers, which perform the function of OpenVPN Client, do not need static or public IP address. This guide can be used from firmware version 3.00.3.14 of the Titan Routers.

OpenVPN Router Server Configuration

First of all, go to the menu VPN> OpenVPN Server and configure the first section with the parameters relative to the previous example:

Next we have to configure the digital certificates. In this example we are going to assume that we do not have digital certificates or know how. To generate the necessary digital certificates, you can go to the link: https://openvpn.net/howto.html donde se especifica perfectamente el proceso de generación.

Alternatively, an extraordinarily simple process is to push a button on a configuration screen of the Titan router and he will take care of everything. In this example we will do so by pressing a button as shown below:

When you press the button, all the necessary files will be generated to configure the router that will be the OpenVPN server (the one we are configuring) as well as the files of 25 clients. It is a simple process that can take quite a while (5 ~ 15 minutes usually). Press the refresh button and it will give you an indication of how the generation process is going.

Once the process is finished, you will see that all the generated certificates appear below. We are only interested in the server and 3 clients:

We will click on each one of the files indicated in the previous figure to download them.

Now all you have to do is upload the files generated for the server router, that is, the router that we are configuring. Once done we just have to reboot the router.

OpenVPN Configuration of an OpenVPN Client Router

We will configure the Titan router that will do client1. The router client2 and client3 are configured exactly the same. For this we go to the section VPN> OpenVPN Client and configure the  parameters according to the data of the example:

After pressing the Save Config button, we will only be able to upload the client\’s certificates. That is, we will have to upload the files that we have generated before with the server router. Specifically ca. crt, client1.crt and client1.key.

After the previous process, you only have to do the same on each client router and restart them.

This example assumes the WAN (3G) and LAN configuration of each router is set. If you have any questions, please contact gsmsupport@matrix.es

Remember that you must set the LAN address of each associated router as the Gateway IP address on both the Server PC and each of the PLCs.

Connecting Titan with the Temperature/Humidity Probe

For example, if we open a console window on the server PC and perform a PING to address 192.168.11.1, we should see a response.