11313 questions

13477 answers

21151 comments

31530 members

0 votes
296 views 3 comments
by

Hi!

I´m using a RUTX12. The internet connection is done via mobile SIM (telekom).

I want to ping the RUTX12 from the internet using its public IP but I don´t get any response.

I enabled the following traffic rule (pic)

Is there anything else I have to enable or why do I don´t get any response from my pings?

1 Answer

0 votes
by

Hello,

 

You need to configure the "Match ICMP type". In it should be "echo-request" as shown in the image. If you then want to login to the router via ssh or WebUI, you must enable remote access to the router. To do this you can configure it through SYSTEM→ADMINISTRATION→ACCESS CONTROL.

by
Thank you for the response!

Unfortunatley I´m still not able to ping the router.

To give the bigger picture: I want to set up a VPN tunnel using wireguard. The VPN Server runs on a Raspi within the RUTX12 network. The RUTX is connected to the internet via SIM card. I added a port forwarding rule to forward port 51820 to the Raspi. This didn´t work. So I tried to ping the router to see, if the router is reachable from the internet. (the same setup with a Fritzbox works just fine - so the VPN server should be fine)

I also tried to use the Service VPN-wireguard offered by the router using this instructions (https://community.teltonika-networks.com/41712/there-generic-guide-connecting-rutx12-wireguard-provider?show=41720). This didn´t work either. I cannot connect a client to the VPN.
by
To be able to ping the router or act as a wireguard server it must have a public IP address on the mobile interface which isn't probably the case, you can check with ifconfig wwan0 from a ssh or CLI console (or on the status page).

You may have a solution if the operator gives a public IPv6 address, this is worth trying.
by

Hello,

If you cannot access the public IP of the router, port forwarding will not work. It is possible that the ICMP response is blocked in the firewall. To check this go to NETWORK→FIREWALL→ATTACK PREVENTION. Similarly, enabling remote access as mentioned above is enough to enable ICMP response. After you can access your router with the public IP, you can continue with the configuration mentioned in the other post.