
0 votes
105 views 3 comments
by
Hi there,

Need help to configure the following topology: (picture is attached)

1. Got a monitoring VM Server - 192.168.42.18 which connects through fiber directly to the ISP's Router (192.168.42.17). They can ping each other.

2. From the other side, got another server with its own router (Teltonika RUT 950) with the SIM card in it. Mobile operator has assigned the SIM card with an IP address and the APN. The IP address of the SIM Card is 10.125.220.1 and in Teltonika it shows as interface 3g-ppp.

3. Also this RUT950 has its own LAN 10.125.220.1, 255.255.255.224, DG - 10.125.220.1 (3g-ppp) and there are around 20 devices in that LAN.

4. So from the router CLI I can ping the Monitoring VM Server.
5. From any device in that LAN I can ping the Monitoring Server. Well, because on each device I show the SIM card's address - 10.125.220.1 - as def. gateway (though the LAN interface address is the same).

6. The issue is that I cannot ping from the Monitoring VM any device in the Teltonika LAN. I think that some static routes have to be configured. All firewalls are in accept mode.

Any idea how to solve it?

1 Answer

+1 vote
by

Hi,

You could do a traceroute from the VM server to one of the IPs on the LAN network of the RUT950 and check if you're reaching it via the right path. Share results if possible.

Regards

by
Hi there, yes please.

1. Here is the tracepath from the VM server to one of the devices in the Teltonika LAN segment. Unfortunately I don't have traceroute installed on the VM, and no internet access:

ubu@ls-mosaic-01:~$ tracepath -4 -b 10.129.244.164
 1?: [LOCALHOST]                                pmtu 1500
 1:  no reply
 2:  ??? (10.235.20.19)                                    1.604ms
 3:  ??? (10.235.21.18)                                    1.955ms
 4:  ??? (10.235.21.26)                                    6.386ms
 5:  no reply
 6:  no reply
 7:  no reply
 8:  no reply
 9:  no reply
10:  no reply
11:  no reply
12:  no reply
13:  no reply

2. Tracepath from the VM server to Teltonika's 3g-ppp interface (WAN):

tracepath -4 -b 10.129.244.161
 1?: [LOCALHOST]                                      pmtu 1500
 1:  no reply
 2:  ??? (10.235.20.19)                                   11.905ms
 3:  ??? (10.235.21.18)                                    1.891ms
 4:  ??? (10.235.21.26)                                    1.464ms
 5:  ??? (10.129.244.161)                                120.126ms reached
     Resume: pmtu 1500 hops 5 back 5

3. Here is the ifconfig of the VM:

ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.14  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::20c:29ff:fef9:7a70  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:f9:7a:70  txqueuelen 1000  (Ethernet)
        RX packets 42918  bytes 3790945 (3.7 MB)
        RX errors 0  dropped 28541  overruns 0  frame 0
        TX packets 10314  bytes 8571589 (8.5 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.42.18  netmask 255.255.255.252  broadcast 192.168.42.19
        inet6 fe80::20c:29ff:fef9:7a7a  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:f9:7a:7a  txqueuelen 1000  (Ethernet)
        RX packets 32072  bytes 2198664 (2.1 MB)
        RX errors 0  dropped 28541  overruns 0  frame 0
        TX packets 322022  bytes 76149873 (76.1 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 1626709  bytes 196186728 (196.1 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1626709  bytes 196186728 (196.1 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

4. netstat -rn of the VM:

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.42.17   0.0.0.0         UG        0 0          0 ens192
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 ens160
192.168.42.16   0.0.0.0         255.255.255.252 U         0 0          0 ens192

5. ifconfig of Teltonika Router:

root@Teltonika-RUT950:~# ifconfig

3g-ppp    Link encap:Point-to-Point Protocol
          inet addr:10.129.244.161  P-t-P:10.64.64.64  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:44 errors:0 dropped:0 overruns:0 frame:0
          TX packets:83286 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3
          RX bytes:1148 (1.1 KiB)  TX bytes:6234428 (5.9MiB)

br-lan    Link encap:Ethernet  HWaddr 00:1E:42:3F:2A:4E
          inet addr:10.129.244.161  Bcast:10.129.244.191  Mask:255.255.255.224
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:279819 errors:0 dropped:0 overruns:0 frame:0
          TX packets:57237 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:22106854 (21.0 MiB)  TX bytes:30564288 (29.1 MiB)

eth0      Link encap:Ethernet  HWaddr 00:1E:42:3F:2A:4E
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:280760 errors:0 dropped:101 overruns:0 frame:0
          TX packets:57836 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:27058571 (25.8 MiB)  TX bytes:31010648 (29.5 MiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:12603 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12603 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:908201 (886.9 KiB)  TX bytes:908201 (886.9 KiB)

6. Route -n of the Teltonika:

root@Teltonika-RUT950:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.64.64.64     0.0.0.0         UG    0      0        0 3g-ppp
10.64.64.64     0.0.0.0         255.255.255.255 UH    0      0        0 3g-ppp
10.129.244.160  0.0.0.0         255.255.255.224 U     0      0        0 br-lan
192.168.42.16   10.129.244.161  255.255.255.252 UG    0      0        0 3g-ppp

7. And traceroute from Teltonika to VM server:

root@Teltonika-RUT950:~# traceroute 192.168.42.18
traceroute to 192.168.42.18 (192.168.42.18), 30 hops max, 38 byte packets
 1  *  *  *
 2  10.235.21.19 (10.235.21.19)  228.375 ms  81.905 ms  45.711 ms
 3  10.235.20.19 (10.235.20.19)  81.936 ms  37.596 ms  39.718 ms
 4  *  *  *
 5  192.168.42.18 (192.168.42.18)  43.348 ms  35.815 ms  39.822 ms

Now I think that I need a VPN tunnel in order to get into the LAN. And that is another question, since I cannot implement a VPN on the same machine, I need to create a separate VM and install a pfSense where I can create an OpenVPN and distribute the keys/certs to each Teltonika router.
by
Hi,

Is your network operator providing you with a private network and private APN for your scenario?

Can you confirm the mode you have configured in your mobile interface?

Regards
by

Hi there,

Yes, this is a kind of "intranet", and they provided us with a separate channel with a separate APN.

One thing to add is that I updated the Teltonika's firmware from "RUT9XX_R_00.06.08.6_WEBUI" to "RUT9_R_00.07.01.2_WEBUI" and the GUI has changed, as well as the interface names. Now instead of 3g-ppp I have mob1s1sA:

Here's a screenshot of RUT's Interfaces