
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
294 views 1 comments
by anonymous
Will a TRB140 with a 4G SIM WAN connection disable the firewall completely when running in PASSTHROUGH mode?

I have a TRB140 in front of a Cisco ASA. The only purpose of the TRB140 is to give a public static IP and to pass ALL traffic to the ASA.

The ASA does get the IP from the TRB140, but no traffic reaches the ASA when trying to connect via the internet. The ASA works fine when I connect directly to the ASA outside interface without the TRB140.

I need SSH and HTTPS access to the ASA... and eventually IPSEC traffic.

I don't seem to be able to find any videos or docs on how to set this up. This is my first Teltonika device, so that could be part of the problem :)

1 Answer

0 votes
by anonymous
Hi HunterForce,

The firewall rules of the device do not apply to the device that received the IP from the mobile carrier in Passthrough mode.

I even did some testing here to confirm that: I ran an HTTP server on my computer on port 8000 and tried to block port 8000 on the firewall of the TRB140. It did nothing and I was still able to reach the computer's HTTP server. But I was able to block this port using the Windows firewall.

So what I can recommend is to check the firewall configuration on your Cisco ASA device and open the necessary ports. Maybe it has some option similar to the one that exists on RUT devices called "Block HTTP/SSH access from WAN".

Best regards.
by anonymous
Hi HunterForce,

Actually, I've found that the "zone" settings on the firewall can block outside traffic to the device with the public IP in passthrough mode, but only if you change its default settings.

I was able to recreate your scenario (when the device can reach the internet but you can't reach it from the internet) by making the following changes: https://prnt.sc/UowVowBxnhxv.

If it doesn't work, even after verifying the firewall settings on the Cisco device, I'd recommend you try changing the zone settings to something like this: https://prnt.sc/1HQXlKFSLNYS

Best regards.