Hello,
1. You advise me to “allow remote http access” to the webUI of the RUT240.
I don’t need to have remote access from the WAN to the webUI of RUT240. In addition, i don’t understand why the activation of the remote http access would allow the well functioning of the port forwarding.
Sorry, you're right. Http remote access is not needed to use port forwarding.
2. You advise me to “set up a static ip address to my lan equipment”.
Are Port forwarding only functional with static ip of my lan equipment ? Are Port forwarding possible with dynamic ip of the lan equipment ? If it is, i am interested to know how to do.
No, Port forwarding can work with static IP or dynamic IP, but it's a good practice to assign a static IP to the end device, due if the DHCP server change the LAN IP address, you'll reach your end device as expected.
3. You advise me to “create a port forwarding from wan network to my lan device”.
3.1 What are the minimum parameters to fill in port forwarding config page to allow a well functioning port forwarding ? RUT240_Firewall#Port_Forwarding
Only this step is needed to configure your port forwarding. (Adding a new port forward rule)
https://wiki.teltonika-networks.com/view/RUT240_Firewall#New_Port_Forward_Rule
3.2 Do you know the difference between “Source port” and “External port” (and “Source ip address” and “External ip address) ? Which of both have i to use ?
To use port forwarding, you don't need to use all these parameters, this option is useful when you need to access to your device from a specific IP, if it's not your case, you can leave it in blank. The same with External parameters.
- Source Port and IP are related to the third party device (Server) you want to get the inbound traffic.
- External IP and port are related to the current WAN IP of your RUT device (Remember you can have more than one interface with differents IP's)
https://wiki.teltonika-networks.com/view/RUTX11_Firewall#Traffic_Rule_Configuration
3.3 Port forwarding from WAN can cause security issues for the LAN, perhaps if all parameters allowing a secure port forwarding are not used with the router. Do you know how to allow a secure port forwarding, in order to reduce risk at minimum ?
The best way to do it is using traffic rules and filter with the specific parameters of your topology.
For instance, connect from a specific IP and port to a specific IP and port. For this you should have static IP's, but everything will depends of the project. A simply port forwarding should be enough in the most of cases.
4. I am using a SIM card in the RUT240, so i confirm you i got various Public IP address, each time RUT240 reached the wan.
I didn't quite understand this one, can you please elaborate it a little more?