Question

Hi,

I am trying to get a Helium miner online using the RUT240. After quite a lot of troubleshooting around OpenVPN and then Wireguard (following the tutorial), I am back to square one to get the basics working. I don't think my VPN is the issue.

Trial setup:

• RUT240 with clean RUT2_R_00.07.01.2 firmware and factory settings
• RUT240 connected to my local network via WAN port (assigned IP: 192.168.2.84)
• 4G not connected, SIM card not inserted
• Miner connected to RUT240 LAN port (assigned IP: 192.168.1.123)
• Only changes:
  • Port Forwarding rule added from WAN anyIP:44158/tcp to LAN 192.168.1.123:44158/tcp
  • Port Forwarding rule added from WAN anyIP:80/tcp to LAN 192.168.1.123:80/tcp

Internally (via SSH): Connecting to port 80 via curl as well as connecting to port 44158 via telnet do work.

Externally: Both attempts result in a timeout. Connecting to different ports (e.g. 44157) results in "Connection refused"

So it seems to me, that the RUT240 is accepting the connection attempts, but fails at properly forwarding them. Any ideas where to look?

Cheers,

Hans

Answer 1

Hello,

How exactly are you checking whether the port is open from the external (WAN) side? Are you using some tool from 192.168.2.0/24 subnet to check the port forward or some third-party port checker to see if the port is open? From the information you've provided I can see that your WAN IP is 192.168.2.84 which means it's behind another router/NAT device. Does that other router/NAT device have port forwards (80 tcp & 44158 tcp) configured to the RUT240? Also, could you please generate and send me over a troubleshoot file from the RUT240? I'll leave instructions regarding how to generate the troubleshoot file as well as brief description about what it is below.

What's a troubleshoot file and how to generate it?

A Troubleshoot file contains the device's event logs, configuration files and other information useful for diagnostics. It can be downloaded from your device's WebUI, Troubleshoot page:

System → Administration → Troubleshoot

Best regards,

Tomas.

Comments

Hello Tomas,

I sent you the troubleshoot file via DM.

I have got a computer connected to the WAN network, from which I am trying to access the ports on the RUT240 (this is a test setup). For the port 80 forward I am using curl, for port 44158 I am using telnet. When I am connected via SSH to the RUT240, I can access both ports on the Helium miner.

Best regards,

Hans

---

Hello,

I've taken a look at the troubleshoot file and noticed some anomalies in the firewall settings. Generally, when doing port forwarding via VPN tunnel, it is necessary to select the VPN tunnel zone as the incoming traffic zone. In your case, however, there is no VPN tunnel running but I did notice a second firewall zone "wan2" in the /etc/config/firewall configuration file which also includes "wan" interface (which is already included in the "wan" zone). This is causing a firewall rule conflict which most likely prevents port forwarding from working the way it should. Please reset your device and create a regular port forward rule without adding any additional zones or remove currently conflicting "wan2" zone and re-apply the port forward configuration and see if things start working as intended.

I'd highly recommend simply resetting the device via WebUI at System>Backup>Restore and configuring nothing but a regular port forward to the miner.

Best regards,

Tomas.

---

Hello,

I actually thought I had done this, but tried it again. The port forward finally worked. And after reading about the issues with the firewall and tun-naming for OpenVPN (tun0 vs. tun_0), I also got the VPN-setup to work.

Thank you for your help!

Hans