0 votes
3,558 views 7 comments
by

Hi! How can I use a default gateway on the RUT955? In the LAN settings there are only IP and NETMASK. I need to use port forwarding from mobile to host only through a Cisco firewall, which should be the default gateway in my case. I see the Routing section and tried to use it, but unsuccessfully: traffic from the RUT955 goes directly to the host. In Routing I made some rules like MAIN-LAN-0.0.0.0 0.0.0.0-(firewall ip); MAIN-MOBILE-0.0.0.0 0.0.0.0-(firewall ip). Hope for your help.

2 Answers

0 votes
by

Hi,

I need to use port forwarding from mobile to host only through cisco firewall, that should be default gateway in my case. 

Could you draw a simple sketch of your network topology with IPs, gateways and subnets? And a short description of what you want to make and how it should work?

But according to your details, it seems like you need bridge mode (LTE to LAN). If yes, then please check (Network -> Mobile -> General -> Mode).

by
RUT955 (it has a SIM card with static IP 172.28.x.x, LAN IP 10.24.y.y/24) is a reserve link to some devices on object. Server communicates with these devices through TCP on port number 80. So we use port forwarding on RUT955 (its static IP 172.28.x.x:81, :82 etc. to devices). The main link goes through Cisco ASA 5506 (and some higher devices through fiber-optic); it should be the default gateway (LAN IP 10.24.y.y+1/24) for all LAN devices. It has routes for mobile traffic through RUT955. Now, because I can't find how to make a default gateway on RUT955, traffic goes directly from RUT955 to devices. I want to pass all traffic from RUT955 through Cisco. I tried to use routes in RUT955; it didn't work out. There are 4 route tables and some zones; it's hard to understand with the wiki info.

So, I need that all lan traffic from RUT goes through cisco. Some route like 0.0.0.0 0.0.0.0 (cisco ip).

Other modems, that I used (for example, conel er75, ur5, irz) all have this default gateway option.
by anonymous

Hey, 

We would still like to see a topology. Use the website below to create one for free:

https://www.draw.io

If traffic comes to RUT and leaves through the ASA, will it not be asymmetric routing?

Thanks,

Myky

by

Something like that. Why will it be asymmetric routing? Mobile traffic should come into RUT, pass through ASA, go to devices, go back to ASA, go to RUT. There are routes for mobile on ASA: 172.28.0.0 255.255.0.0 10.24.12.75.

by anonymous

Hey,

Thanks for the topology. In your case RUT will never route traffic through the ASA. This is because your servers and RUT are in the same subnet (10.24.12.0/24), hence RUT will simply ARP for the servers' MAC addresses. You need to segment the subnet so your ASA and RUT will be in one subnet, while the servers will be on another (but directly connected to ASA).

Thanks,

Myky

by
Thanks for the answer. So using ROUTES on RUT I can't forward all LAN traffic to ASA? It's sad :(
by anonymous
You can, as long as the destination IP/subnet is not local to the RUT (otherwise it will use ARP/L2 forwarding).
by

Thanks for the answer. Some more questions on this situation.

1) Tomorrow I'll try to use another subnet for RUT and some ASA interface. But, if I understand right, I need to use routes on RUT to direct traffic to hosts through ASA, don't I? For example, I'll use 10.24.13.1/30 for RUT and connect it directly to the ASA interface with 10.24.13.2/30. Port forwarding is still to 10.24.12.65:80 etc. So what routes do I need to add on RUT?

MAIN--LAN--10.24.12.0--255.255.255.0--10.24.13.2 ? It's not clear on the wiki about Routing table and Interface in routes.

2) Can you pls tell me more about the "Source NAT" option in the "Firewall" section? In my situation, the server connects through RUT from the 172.28.93.1 mobile IP. With this option can I change the source IP to the local RUT IP (10.24.13.1/30)? It'll be like TCP+UDP--WAN--LAN--10.24.13.1 ? And will the incoming connection to hosts be from this IP with a random TCP port, not from 172.28.93.1?

0 votes
by anonymous

Hey,

Yes, I believe MAIN--LAN should be the correct way to do that. I found a good article regarding double router port forwarding:

https://wiki.vuze.com/w/Port_forwarding#Double_router_port_forwarding

I assume your servers run on different ports, if not then you can port forward on any port from RUT > ASA, but from ASA side use destination port 80 to the actual server IP address. 

Thanks,

Myky
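
The next-hop decision discussed in this thread, as an added example (not code from the thread or from Teltonika): a small longest-prefix-match lookup that shows why a static route to the ASA is ignored while RUT and the servers share 10.24.12.0/24, and why the /30 transit subnet makes the forwarded traffic cross the firewall. The ASA address 10.24.12.76 in the flat layout and the interface name `lan` are assumptions; the other addresses are the ones quoted in the posts.

```python
import ipaddress

def build_table(lan_cidr, static_routes):
    """Return [(network, gateway_or_None)] for one LAN interface.

    The connected route is always present; a static route is accepted only
    if its gateway is on-link, which is what a real router requires too.
    """
    iface = ipaddress.ip_interface(lan_cidr)
    table = [(iface.network, None)]  # connected subnet: delivered via ARP
    for prefix, gateway in static_routes:
        gw = ipaddress.ip_address(gateway)
        if gw not in iface.network:
            raise ValueError(f"gateway {gw} is not reachable on {iface.network}")
        table.append((ipaddress.ip_network(prefix), gw))
    return table

def next_hop(table, dst):
    """Longest-prefix match: ('on-link', None) or ('via', gateway_str)."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, gw) for net, gw in table if dst in net]
    if not matches:
        return ("unreachable", None)
    net, gw = max(matches, key=lambda m: m[0].prefixlen)
    return ("on-link", None) if gw is None else ("via", str(gw))

SERVER = "10.24.12.65"  # port-forward target from the thread

# Flat layout: RUT, ASA and servers all in 10.24.12.0/24.
# The default route via the ASA (address assumed) loses to the connected /24.
FLAT = build_table("10.24.12.75/24", [("0.0.0.0/0", "10.24.12.76")])

# Segmented layout proposed in the thread: RUT and ASA share a /30,
# servers stay behind the ASA in 10.24.12.0/24.
SEGMENTED = build_table("10.24.13.1/30", [("10.24.12.0/24", "10.24.13.2")])

def firewall_bypassed(table, dst=SERVER):
    """True when the router would deliver to dst directly, skipping the ASA."""
    return next_hop(table, dst)[0] == "on-link"

if __name__ == "__main__":
    for name, table in (("flat", FLAT), ("segmented", SEGMENTED)):
        print(name, next_hop(table, SERVER), "bypass:", firewall_bypassed(table))
```
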