FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
1,124 views 26 comments
by anonymous
Hi,

I am trying to set up a little web-based dashboard displaying some live data at a remote location running on a Raspberry Pi. It is connected to a RUT240 (FW_version RUT2_R_00.07.02.6)  for internet access over mobile network. My ISP is german Telekom and they provide a static IPv6 Address on the SIM-Card.

I managed to set the router up so that i could reach it on it's IPv6 address over the public internet (both Web-UI and SSH). Now i want to do the configuration to reach the actual dashboard over the web. I am new to IPv6 in general and want to do this properly. From what i have read so far the approach is different from just setting a simple port forwarding rule in the firewall as in IPv4.

Could anyone give me some guidance on how to do this safely on RUT240?

Kind regards

1 Answer

+1 vote
by anonymous

Hello,

Maybe this comment will help you start the configuration. What is the prefix of your IPV6 public address ?

Regards,

by anonymous

> Which version of the firmware do you use ? Is there something special on the Pi ?

there should not be anything special with the Pi, i have been using it for some time doing different things with it, i will try flashing it with a completely blank OS

> When using the [2a01:x] address in the address bar also ?

Yes, from all three  (2a01:x, fdf5:x & fe80:x) addresses...

> From the Pi, can you ping all the ipv6 addresses of the win machine ? From the router ?

pi@raspberrypi:~$ ping -c 1 2a01:x:4129
PING 2a01:x:4129(2a01:x:4129) 56 data bytes
64 bytes from 2a01:x:4129: icmp_seq=1 ttl=64 time=1.36 ms

--- 2a01:x:4129 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.361/1.361/1.361/0.000 ms

pi@raspberrypi:~$ ping -c 1 fdf5:x:4129
PING fdf5:x:4129(fdf5:x:4129) 56 data bytes
64 bytes from fdf5:x:4129: icmp_seq=1 ttl=64 time=0.924 ms

--- fdf5:x:4129 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.924/0.924/0.924/0.000 ms

pi@raspberrypi:~$ ping -c 1 fe80:x:4129
connect: Invalid argument

Pinging the Windows machine from the Pi works on 2a01:x and fdf5:x address but not on fe80:x

root@Teltonika-RUT240:~# ping -c 1 2a01:x:4129
PING 2a01:x:4129 (2a01:x:4129): 56 data bytes

--- 2a01:x:4129 ping statistics ---
1 packets transmitted, 0 packets received, 100% packet loss

root@Teltonika-RUT240:~# ping -c 1 fdf5:x:4129
PING fdf5:x:4129 (fdf5:x:4129): 56 data bytes
64 bytes from fdf5:x:4129: seq=0 ttl=64 time=3.111 ms

--- fdf5:x:4129 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 3.111/3.111/3.111 ms

root@Teltonika-RUT240:~# ping -c 1 fe80:x:4129
PING fe80:x:4129 (fe80:x:4129): 56 data bytes
64 bytes from fe80:x:4129: seq=0 ttl=64 time=1.835 ms

--- fe80:x:4129 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 1.835/1.835/1.835 ms

Pinging the Windows machine from the Router works on fe80:x and fdf5:x address but not on 2a01:x

by anonymous
What do you have in ip6tables -n -L on the Pi ? Or nftables if it is the new version ?
by anonymous

I have flashed a fresh OS to the Pi now to make sure that none of my config was causing these issues. This is what i get from the IP6tables command:

pi@raspberrypi:~$ sudo ip6tables -n -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

I also went back to redo the Settings on the RUT240. The steps i took from factory default are:

  1. in Network->Interfaces: set WAN &WAN6 to stop
  2. in Network->Interfaces->LAN->Physical Settings->Interface: add eth0 and br-lan
  3. in Network->Interfaces->MOB1S1A1:
    1. set PDP Type to IPv4/IPv6,
    2. set Auto APN to off,
    3. set custom APN to festip.telekom
    4. set Authentication Type to NONE
  4. in Network->Interfaces->MOB1S1A1->Advances Settings: made sure that Use builtin IPv6-management is ON
  5. in Network->Interfaces->LAN->DHCP Server->IPV6 Settings:
    1. set Router Advertisement-Service to Hybrid Mode
    2. set DHCPv6 Service to Hybrid Mode
    3. set NDP-Proxy to Hybrid Mode
    4. set DHCPv6-Mode to Stateless + stateful
    5. set Always announce default router to ON

by anonymous

Adding: i have removed br-lan from Network->Interfaces->LAN->Physical Settings->Interface again.

I did not do that in the setup before and i realized that the devices on the LAN will not receive public IPv6 address with the 2a01:x prefix if it is selected...

by anonymous

> in Network->Interfaces->LAN->DHCP Server->IPV6 Settings:

Do you have 'Use builtin IPv6-management' set ?

I did not do that in the setup before and i realized that the devices on the LAN will not receive public IPv6 address with the 2a01:x prefix if it is selected...

Something is wrong here.