FOR TIPS, gUIDES & TUTORIALS

Question

Hi there,

Need help to configure the following topology: (picture is attached)

1. Got a monitoring VM Server - 192.168.42.18 which connects thru fiber directly to the ISP's Router (192.168.42.17). They can ping each other.

2. From the other side, got another server with its own router (Teltonika RUT 950) with the SIM card in it. Mobile operator has assigned the SIM card with an IP address and the APN. The IP address of the SIM Card is 10.125.220.1 and in Teltonika it shows as interface 3g-ppp.

3. Also this RUT950 has its own LAN 10.125.220.1 , 255.255.255.224, DG - 10.125.220.1 (3g-ppp) and there are around 20 devices in that LAN.

4. So from the router CLI I can ping the Monitoring VM Server.
5. From the any device in that LAN I can ping the Monitoring Server. Well because on each device I show def.gateway the sim cards address - 10.125.220.1 (Though LAN interface address is the same).

6. The issue is that I cannot ping from Monitoring VM any device in the Teltonika LAN. I think that some static routes has to be configured. All firewalls are in accept mode.

Any idea how to solve it?

anonymous · Answer 1 · 2022-05-30T22:14:26+0000

commented May 31, 2022 by sk87

Hi there, yes please.

1. Here is the tracepath from VM server to one of the devices in the Teltonika LAN segment. Unfortunately i don't have traceroute installed on VM, and no internet access:

[email protected]:~$ tracepath -4 -b 10.129.244.164
1?: [LOCALHOST]                                pmtu 1500
1: no reply
2: ??? (10.235.20.19)                                    1.604ms
3: ??? (10.235.21.18)                                    1.955ms
4: ??? (10.235.21.26)                                    6.386ms
5: no reply
6: no reply
7: no reply
8: no reply
9: no reply
10: no reply
11: no reply
12: no reply
13: no reply

2. Tracepath from VM server to to Teltonika's 3g-ppp interface (WAN):

tracepath -4 -b 10.129.244.161
1?: [LOCALHOST]                                      pmtu 1500
1: no reply
2: ??? (10.235.20.19)                                   11.905ms
3: ??? (10.235.21.18)                                    1.891ms
4: ??? (10.235.21.26)                                    1.464ms
5: ??? (10.129.244.161)                                120.126ms reached
     Resume: pmtu 1500 hops 5 back 5

3. Here is the ifconfig of the VM:

ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 192.168.1.14 netmask 255.255.255.0 broadcast 192.168.1.255
        inet6 fe80::20c:29ff:fef9:7a70 prefixlen 64 scopeid 0x20<link>
        ether 00:0c:29:f9:7a:70 txqueuelen 1000 (Ethernet)
        RX packets 42918 bytes 3790945 (3.7 MB)
        RX errors 0 dropped 28541 overruns 0 frame 0
        TX packets 10314 bytes 8571589 (8.5 MB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 192.168.42.18 netmask 255.255.255.252 broadcast 192.168.42.19
        inet6 fe80::20c:29ff:fef9:7a7a prefixlen 64 scopeid 0x20<link>
        ether 00:0c:29:f9:7a:7a txqueuelen 1000 (Ethernet)
        RX packets 32072 bytes 2198664 (2.1 MB)
        RX errors 0 dropped 28541 overruns 0 frame 0
        TX packets 322022 bytes 76149873 (76.1 MB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
        inet 127.0.0.1 netmask 255.0.0.0
        inet6 ::1 prefixlen 128 scopeid 0x10<host>
        loop txqueuelen 1000 (Local Loopback)
        RX packets 1626709 bytes 196186728 (196.1 MB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 1626709 bytes 196186728 (196.1 MB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

4. netstat -rn of the VM:

Kernel IP routing table
Destination             Gateway              Genmask               Flags   MSS      Window irtt       Iface
0.0.0.0                192.168.42.17          0.0.0.0                     UG      0               0        0       ens192
192.168.1.0              0.0.0.0         255.255.255.0                U         0               0        0       ens160
192.168.42.16            0.0.0.0         255.255.255.252          U         0               0        0       ens192

5. ifconfig of Teltonika Router:

[email protected]:~# ifconfig

3g-ppp    Link encap:Point-to-Point Protocol
          inet addr:10.129.244.161 P-t-P:10.64.64.64 Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
          RX packets:44 errors:0 dropped:0 overruns:0 frame:0
          TX packets:83286 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3
          RX bytes:1148 (1.1 KiB) TX bytes:6234428 (5.9MiB)

br-lan    Link encap:Ethernet HWaddr 00:1E:42:3F:2A:4E

          inet addr:10.129.244.161 Bcast:10.129.244.191 Mask:255.255.255.224
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:279819 errors:0 dropped:0 overruns:0 frame:0
          TX packets:57237 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:22106854 (21.0 MiB) TX bytes:30564288 (29.1 MiB)

eth0      Link encap:Ethernet HWaddr 00:1E:42:3F:2A:4E

          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:280760 errors:0 dropped:101 overruns:0 frame:0
          TX packets:57836 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:27058571 (25.8 MiB) TX bytes:31010648 (29.5 MiB)

lo        Link encap:Local Loopback

          inet addr:127.0.0.1 Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MTU:65536 Metric:1
          RX packets:12603 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12603 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:908201 (886.9 KiB) TX bytes:908201 (886.9 KiB)

6. Route -n of the Teltonika:

[email protected]:~# route -n
Kernel IP routing table
Destination               Gateway              Genmask                Flags Metric     Ref    Use Iface
0.0.0.0                  10.64.64.64               0.0.0.0                    UG     0             0        0 3g-ppp
10.64.64.64              0.0.0.0             255.255.255.255          UH     0             0        0 3g-ppp
10.129.244.160        0.0.0.0             255.255.255.224          U       0              0        0 br-lan
192.168.42.16     10.129.244.161   255.255.255.252           UG    0              0        0 3g-ppp

7. And traceroute from Teltonika to VM server:

[email protected]:~# traceroute 192.168.42.18
traceroute to 192.168.42.18 (192.168.42.18), 30 hops max, 38 byte packets
1 * * *
2 10.235.21.19 (10.235.21.19) 228.375 ms 81.905 ms 45.711 ms
3 10.235.20.19 (10.235.20.19) 81.936 ms 37.596 ms 39.718 ms
4 * * *
5 192.168.42.18 (192.168.42.18) 43.348 ms 35.815 ms 39.822 ms

Now I think that I need a VPN tunnel in order to get into the LAN. And that is another question, since I cannot implement a VPN on the same machine, I need to create a separate VM and install a pfSense where I can create a OpenVPN and distribute the keys/certs to each Teltonika router.

commented Jun 2, 2022 by anonymous

commented Jun 3, 2022 by sk87

FOR TIPS, gUIDES & TUTORIALS

Most popular tags

Intranet with 3G PPP + LAN topology

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.