Question

Hi community!

I have a RUT955 with LAN1 connected to a switch on an existing network (192.168.201.x). LAN1 interface has a static IP of 192.168.201.6

The RUT is connected to 4G and WireGuard VPN (10.254.0.x)

I can access the RUT web interface via 4G/WireGuard

I can ping the devices on the 192.168.201.x network from RUT CLI

I have setup a port forward on WireGuard (port 2001) to forward to 192.168.201.73 port 80 but I can't see the web interface of the 192.168.201.73 device. If I plug directly into the network switch, http://192.168.201.73:80 works fine.

We have dozens of RUT240's setup in a similar way and they all work fine.. is there something I'm missing on the RUT955 that will allow me to talk to the devices on the 192.168.201.x network via 4G/WireGuard/port forwarding?

thanks in advance

Answer 1

Hello,

With Wireguard you don't need port forwarding in order to reach devices behind the RUT, instead add 192.168.201.0/24 to the Allowed IPs list on the server at the other end of the tunnel and allow forwarding from wireguard -> lan in the firewall configuration. Then you should be able to reach 192.168.201.73:80 directly.

 > I can access the RUT web interface via 4G/WireGuard

Using which address ?

Regards,

Comments

Thank you.. I have made the changes as suggested but can't see anything on the 192.168.201.x network

This is the server config file and I'm getting a handshake

[Peer]

PublicKey = [removed]

AllowedIPs = 10.254.0.220/32, 192.168.201.0/24

i can access the RUT web browser via http://10.254.0.220

---

> i can access the RUT web browser via http://10.254.0.220

And via http://192.168.201.6 ?

Check the firewall from Network->firewall: set both wireguard->lan and lan->wireguard to accept / accept / accept

Start a tcpdump on the RUT: tcpdump -i any -n -v icmp

and from the server ping 192.168.201.6, ping 192.168.201.73 ...

What do you see ?