FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
+1 vote
2,434 views 12 comments
by anonymous

Trying for a week now and no use. I followed this guide to the letter 3x times, but even the writer says: "quite a few folks have had difficulty getting the Rut240 to work with Wireguard." 

I just can't get the RUT240 to successfully set up Wireguard VPN (via Linode). I need this because in my country there is no ISP that provides static IP sim cards or the option to add static IP on their end. It's for off-grid Helium mining, and I'm now stuck with a couple of expensive RUT240s that have no (intended) use. Specifically what happens, when everything is set and done (on the newest firmware) is the Bobcat (miner) instead of moving from NAT: none becomes NAT: symmetric & relayed = faulty. 

Can anybody please provide guidance or help, even if it a paid service? 

Still waiting for someone to answer this question, but I guess Teltonika doesn't want to step forward and help current and future potential hundreds of thousands of users... 

4 Answers

0 votes
by anonymous
Hello,

Could you attach your Wireguard settings and a troubleshoot file from your router? (do it by editing the original query so that files could be visible only to engineers)

Regards.
by anonymous

Done. Hope that's all you need  - were looking fo (&more). :)

  • Edit 25th November: Added MTR results from terminal (redacted). Says failure to open IPV4 and V6 sockets.
  • Edit 26th November: Added feedback screenshot from Linode mentioning possible rate limiting going on at AS8447 and the recommendation to troubleshoot the SSH connection.
  • Edit 29th November (afternoon): Removed from Wireguard VPN while waiting for answer because there is no use... 
0 votes
by anonymous

Hello,

Please refer to this guide for details on how to setup the RUT240 to establish a WireGuard VPN tunnel and configure a port forward via the VPN tunnel. The main points to look out for when configuring the port forward is making sure that WireGuard tunnel itself is established and that the port forward has the correct firewall zone configured to make it work. 

If you run into any further issues, please send me a private message regarding this issue and attach any relevant screenshots or files.

Best regards,

Tomas.

by anonymous

Hello,

this manual has some bug. Thank to this my Wireguards is working properly with PC and Android, thank you.  BUT RUT240 itself is still connected to Mobile IP and other device are not connected to VPS but to mobile... Mainer is showing relayed and its IP is form  Mobile provider not My Wireguard server. Other devices can commmunikate with VPS by VPN without wireguard on the router. Only one advance with WG on RUT240  is that I can manage forwarding to remote accest to router and miner. 

Plese help me. Thank you

by anonymous

Hello,

It is impossible to set RUT240 (or any router for that matter) to obtain a VPS IP address on its WAN interface - it simply doesn't work this way. Additionally, the guide in question shows how to configure a port forward through the tunnel but the configuration is set in such a way so that it doesn't forward all the traffic via tunnel, only the traffic destined for the tunnel (port forwarded traffic) will go through it. Everything else will be routed via the mobile interface natively, without using any proxy service.

The only thing that can be changed is the external IP address that the internet sees on the outside (source IP) - this is possible to setup by configuring the WireGuard tunnel as a full proxy to forward all traffic coming from LAN via WireGuard tunnel to the server by setting a route of either "0.0.0.0/0" or "0.0.0.0/1" and "128.0.0.0/1" as the allowed IPs in the tunnel from the client (RUT240) side.

Best regards,

Tomas.

by anonymous
Dear Thomas,

The advice with Full Proxy was the exact solution. Now my miner has correct setting and work properly.

Thank you for your fast and effective helps. I should not change my router and could stay faithfull with Teltonica products.

Best regards

Michal
by anonymous

Dear Thomas,

I have followed the guide "scenario 3". The wireguard tunnel is working. 

I am also facing the issues:

  •  NAT is symmetric
  • hotspot is relayed. 

Can you please let me know how to configure wireguard in full proxy? Apparently, this solutions solved the problem of Michal. Do I have to edit the port forwarding rule or the wireguard configuration?

Thank you very much for your help and support.

All the best

+1 vote
by anonymous

Hi Tomas

Could you please share more information what you mean with "full proxy"?

Best wishes

Mario 

by anonymous

Hi Thomas

I am also facing the issues:

  •  NAT is symmetric
  • hotspot is relayed. 

I would also be interested if you could please explain in more detail how to configure wireguard in full proxy to see if this would solve my issue?

Thanks

by anonymous
I'm in the same boat. All my miners running behind a RUT240 with Wireguard have Symmetric NAT. What exactly is changed after the VPN running is up and running. Thank you!
by anonymous

I found the solution above fixed this for me. if you go into the WireGuard vpn setting on the rut 240 and edit peers. Then change the allowed IPs to "0.0.0.0/1" and "128.0.0.0/1". Doing this fixed the issue for me and the miner is no longer relayed.

by anonymous
Got it, thank you! The NAT instantly changed to 'None' after the change.
by anonymous
Hi, thanks for your solution. I have edited the wireguard peer with the two allowed IP address 0.0.0.0/1 and 128.0.0.0/1. Unfortunately, the miner is still relayed. Did you restarted the miner and the router? How long did it take for the relayed status to be fixed? Can you please guys share a print screen of the settings?

Thanks in advance for your help.

All the best
0 votes
by anonymous
Hello i have similar Problem can not establish wireguard VPN from mobile phone to RUT240. I am open reverse ssh from RUT240 to clod vm with public ip and tunnel the port 51820 to RUT240. I have the newest firmware but VPN come not up.
by anonymous
Hi, do I have to delete the entry from the tutorial with 10.0.1.2/32 ? So that only 0.0.0.0/1 and 128.0.0.0/1 is in the field?
by anonymous
Yes, that is what I did.