WIKIABOUT

FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

Most popular tags

rut955 rut240 rut950 rutx11 rms vpn to openvpn wifi not sms trb140 firmware connection - ipsec on rutx12 rutx09 modbus
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.

RUTX11 port forwarding

+1 vote
1,395 views 12 comments
by
Hi, everyone,

I have a Teltonika RUTX11 router, with an Italian TIM SIM card on which I required a dynamic public IP address.

I can access the router's webpage generating a link via RMS, via the router's public ip and via the dynamic dns I have with NO-IP.

The problems arise when I try to reach other devices inside the lan, under the router: I cannot access the devices neither configuring the port forwarding, nor the traffic rules or anything else in the management page, but only the main Teltonika router web page at the port 80 on the external address.

Does anyone experienced the same issue and know how to solve it?

Thanks in advance for your support.

Carlo

1 Answer

0 votes
by
You must port forward to the lan ip given by your dhcp server to access something in your lan network
by anonymous
First of all thank you very much for your reply.

I probably couldn't explain my problem properly:

I requested public IP from my ISP (TIM mobile Italy). Now I have a public dynamic IP, which is connected to a NO-IP dns service.

Currently I can access from the outside both by typing the IP address and the NO-IP dns.

The dynamic DNS service works well and updates automatically at each reconnection when the IP changes.

My problem now is that from the outside, despite having configured port forwarding, I can only reach the Teltonika router.

For example, under the Teltonika router in the LAN there is a Netgear access point to which I have assigned a static dhcp 192.168.10.108

I configured port forwarding with any source, ip and MAC from the WAN, external port 8000, to LAN, IP address 192.168.10.108, internal port 80.

Technically connecting to my ip port 8000 from the outside I should see the page of the Netgear access point, but instead I see a blank page that tells me that it cannot find the server.

Thanks in advance,

Carlo
by anonymous
Hi,

did you make sure that your netgear access point is reachable through remote? Have you tried reaching any other devices WebUI?
by anonymous
Hi,

Yes, remote access is enabled on Netgear. I tried with several internal ports, 80, 8443, etc. and tried to configure the port forwarding both by keeping the same port on the outside and by changing the internal and external port

(ex. IP: 8080 -> LAN: 8080; IP: 8080 -> LAN: 8443).

As for the other devices, it's the same.

At the moment the Netgear is set up as a router with its own DHCP which creates a subnet, therefore by not accessing the Netgear I cannot access any device below it.

But I also tried to set the Netgear just as an access point.

In the RUTX11's Interfaces page -> LAN I saw all the connected devices but none was accessible, neither the web pages nor any single remote services (eg Plex Server on NAS on the port 32400).

Lastly, I spoke to my ISP, and they told me that since they put me in DENAT with a public (dynamic) IP, there are no limitations on their side on the ports.

Thank You,

Carlo
by anonymous

Okay, I found a solution for you.

Set your netgear to work as DHCP relay for RUTX11. For example,

  1. Set your RUTX11 LAN IP to 192.168.1.1 and NetGear LAN IP should be 192.168.1.2.
  2. Instead of NetGear DHCP server being enabled, turn it into DHCP relay mode, which will use RUTX11 DHCP and put all the devices connected to NetGear under RUTX11 subnet.
  3. This should help you reach all the devices that are connected to RUTX11 and NetGear.

by anonymous
Hi,

I have already tried to directly set the Netgear in bridge mode, and from within the LAN all the IPs are assigned by the DHCP server of the RUTX11 and are reachable.

In one way or another, the internal LAN always works great.

The problem, however, remains that from the outside I can only access the Teltonika web page, while despite the port forwarding rules, all port redirects are blocked towards all internal IPs on any port.

There must be a problem, the ISP states that with the public IP they have assigned me there are no restrictions on the ports.

If this is true, at this point it can only be an error in forwarding by RUTX11, but I can't understand where.

Carlo
by anonymous

Does your port forwarding rule look something similar to that?

  • Please make sure that all traffic rules are default, except the Enable_HTTP_WAN, which should be enabled in order to access it from WAN.
  • Check Access control settings under administration, you can try enabling remote access there too, it should override the rules that might block you from remote connecting.
  • Also, if you set a port forward that should come from WAN source, try accessing your dynamic DNS address from other device that is not in your network, lets say mobile phone.
Let me know if anything brightens up.
by anonymous

Here are some screenshots of my configuration:

Carlo

by anonymous
Can you show me what you get when you open "internal IP address" dropdown field? Can you see all the IP addresses given by DHCP server, including the ones you want to port forward to?
by anonymous

Yes, i get the IP of the Netgear with its correct MAC address and its correct IP address I set as static lease.

Please consider that at the moment I am not connected to the router, but I am accessing it remotely from another place, with a web browser connecting to the address xxx.ddns.net

Carlo

by anonymous

Okay, let's do this again.

1st router will be RUTX11.

2nd router will be NetGear.

First of all, it would be best if you could reset both routers, so no additional configurations won't get in our way.

1st router (RUTX11) configuration:

  1. Set it's LAN IP to 192.168.1.1
  2. Configure Dynamic DNS again.
  3. Check if you get your Dynamic Public IP.
  4. Go to Administration > Access Control and enable Remote HTTP access.

2nd router (NetGear) configuration.

  1. Set it's LAN IP to 192.168.2.1.
  2. Go to Administration > Access Control and enable Remote HTTP access.

Connect 1st router to LAN, and 2nd router to WAN. 1st router will give out DHCP address to the second router, e.g 192.168.1.154.

On the first router do a port forward with source zone as WAN, external IP as Any, external port something like 8081, internal zone choose Lan, and internal IP as the IP address that your 1st router gave to the second, 192.168.1.154, and internal port 80.

Save everything and you should be able to reach your second router through dynamic public IP address, and if you set-up your dynamic dns, it should also work just fine.

EB.

by anonymous
I did it all over again. I reset all the parameters as you wrote them.

Now everything works perfectly and I can see all the devices within the network on the ports that I have configured.

In truth, I must say that the settings prior to the reset were identical to the current ones, I do not know if a reset was necessary for some modified setting that I had missed, or in the meantime on the ISP side they enabled something after my reports.

The important thing is that everything works now, and thank you very much for the precious help you have given me.

Carlo
by anonymous
Really glad that you have sorted this out. Good luck in future configurations!

EB.