FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
958 views 28 comments
by anonymous
So I finally have a sim with public static IP and I can ping the router on this IP.

The whole rational for the router is to allow port forward on port (say) 45123 to a PC on the lan (say) 192.168.1.7.  I have implemented the port forward rule:

Name: MyPortForward

Protocol: TCP

Source zone: wan

... any ...

External port: 45123

Internal zone: lan

Internal IP address: 192.168.1.7

Internal port: 45123

Saved and enabled.

There is no specific protocol, it is just a plain TCP socket connection.  I have implemented this rule many times on terrestrial routers of all types without any problems.  I get the feeling something in the firewall is blocking the connection out to the lan but I cannot be sure.  Surely just setting up the port forward will do whatever else is necessary ? or have I missed something ?  Spent all day on it now !

Many thanks for any help.  I am now going for a walk to clear my head !
by anonymous
So I gave up late last night; this morning I reset the TRB140 to factory defaults, then set the LAN IP and disabled DHCP in the initial log-in.  I configured my port-forward as described above.  Still no luck.

I have banged off an e-mail to the sim card people to check that they are not blocking anything, but I think not..

I set up a route on my PC to the WAN public address via the TRB140 lan ip so that traffic to the public IP would get bounced back (a technique I have used a lot) but STILL no joy.  What can I be doing wrong ??
by anonymous
Still no luck.  Although the modem said it had the latest firmware installed, it seems it didn't, so I updated it (to TRB1_R_00.07.02.1).  Reset to factory default and set up as above.  Still no port forwarding.

I have a test setup in the workshop consisting of the TRB140 with sim with public static IP (which I can ping), with static lan address 192.168.1.98.  I have a PC on 192.168.1.7 which is running SSH server on port 45123 (port 22 disabled).  I have another PC at 192.168.1.100 with the modem as the default gateway.  To recap, the modem has port-forward on port 45123 to 192.168.1.7 port 45123, and Enable NAT Loopback is ON.  (Not that it should make any difference but for info the only default setting on the modem that I changed is to turn DHCP off, as all assignments on the lan are static.)

I can SSH from modem CLI to the SSH server on 192.168.1.7.  But I cannot get to same from the other PC, using the public IP (which in any other router is 'NAT loopbacked' internally), nor from an unconnected PC via the Internet.

Port forwarding is such a basic operation that I have carried out countless times that I find it difficult to understand what might be wrong.  I can accept that there might be a problem with the SIM provider blocking ports and I have not yet had a reply (although there is no other evidence of this), but even if this were the case, the attempt from the PC via internal routing should (and in any other router would) work.

I cannot believe there is such a fundamental problem with the TRB140, but I am struggling to find an alternative explanation.

All help welcomed - I championed the TRB140 for an upcoming project based on its spec and my initial impression, but now I am beginning to look silly.
by anonymous
Still no luck.  Today I installed ZeroTier which is working.  But I cannot port-forward, I followed the instruction in the manual meticulously.

So port forwarding doesn't work for public IP, and doesn't work for ZeroTier.

Can someone reassure me that port forwarding does actually work in the TRB140 ?

1 Answer

0 votes
by anonymous

Hi Denville,

Can you try disabling the PC's firewall?
Did you change the internal port for SSH on PC to 45123? By default the port is 22 for SSH.
For testing purposes, firstly try to port forward the 3389 (RDP) protocol. For that, you need to enable RDP on the Windows PC itself.

Assign the router's IP 192.168.1.1 as a gateway in the PC's network adapter settings. Make sure that you are able to ping PC from the router and vice-versa.
Once you are done with testing, create the same scenario for SSH as well with the required port and share the results.
Please share the screenshot of the port forwarding rule that you have configured.
Here is an example of port forwarding to the Windows OpenSSH server:

Either disable the firewall of the PC for testing purposes or configure the inbound rule on it to allow traffic on port 22.

Regards,
Ramandeep

by anonymous

Could you stop the ping at 54.252.130.8 and just execute the ssh -4 45123 86.106.16.152, and the tcpdump of course ?

by anonymous
I don't know where the ping is coming from - presumably the SIM provider ?  Nothing of mine is causing it.  (Both RMS and ZeroTier are switched off)
by anonymous
Sorry for the typo in the ssh command it should be ssh -p 45123 86.106.16.152 ...
by anonymous

Understood.  But since I have no control over the ping, this will amount to the same as last time...



root@Teltonika-TRB140:~# tcpdump -i any -n -v 'icmp or port 45123'
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
17:08:24.194651 IP (tos 0x0, ttl 229, id 22813, offset 0, flags [DF], proto ICMP (1), length 36)
52.78.68.35 > 86.106.16.152: ICMP echo request, id 32, seq 4150, length 16
17:08:24.195098 IP (tos 0x0, ttl 64, id 18008, offset 0, flags [none], proto ICMP (1), length 36)
86.106.16.152 > 52.78.68.35: ICMP echo reply, id 32, seq 4150, length 16
17:08:28.122133 IP (tos 0x20, ttl 225, id 26392, offset 0, flags [DF], proto ICMP (1), length 36)
161.189.176.176 > 86.106.16.152: ICMP echo request, id 5, seq 5110, length 16
17:08:28.122620 IP (tos 0x20, ttl 64, id 6336, offset 0, flags [none], proto ICMP (1), length 36)
86.106.16.152 > 161.189.176.176: ICMP echo reply, id 5, seq 5110, length 16
17:08:31.002873 IP (tos 0x20, ttl 225, id 5880, offset 0, flags [DF], proto ICMP (1), length 36)
52.83.15.117 > 86.106.16.152: ICMP echo request, id 24, seq 18657, length 16
17:08:31.003456 IP (tos 0x20, ttl 64, id 34251, offset 0, flags [none], proto ICMP (1), length 36)
86.106.16.152 > 52.83.15.117: ICMP echo reply, id 24, seq 18657, length 16
17:09:09.641778 IP (tos 0x0, ttl 231, id 53620, offset 0, flags [DF], proto ICMP (1), length 36)
15.152.212.86 > 86.106.16.152: ICMP echo request, id 7, seq 17172, length 16
17:09:09.642246 IP (tos 0x0, ttl 64, id 13079, offset 0, flags [none], proto ICMP (1), length 36)
86.106.16.152 > 15.152.212.86: ICMP echo reply, id 7, seq 17172, length 16
^C
8 packets captured
10 packets received by filter
0 packets dropped by kernel
root@Teltonika-TRB140:~#

by anonymous
Hi Denville,

Please share troubleshoot file of the device in Private Message to me. To download troubleshoot file got to TRB140 WebUI, navigate to System->Administrator->Troubleshoot. Click on generate button to generate troubleshoot file.

Regards,
Ramandeep