FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
533 views 1 comments
by anonymous
Dear all,

This is my first post on this site and thanks in advance for any help you can give me.  I think my question is quite straightforward but I can't find a simple explanation anywhere else so any help would be much appreciated..

I am visiting a remote site next week to set up a 4G connection to allow remote monitoring and control of a heating and cooling system.   The system already benefits from a WAGO webvisu control system but this currently works only on the local network.  So it can be accessed whilst someone is physically at the location by plugging in a laptop but has no current connectivity to the outside world.

My intent is to install a RUT950 4G modem with a SIM card which has a fixed public IP address.  I have such a card - let's say its address is 12.345.67.890 and I have the APN info etc to set this up.    Once the RUT950 is installed I will plug the RJ45 cable linking to the WAGO control unit into the LAN port of the RUT950.   I have the local fixed IP address of the WAGO control unit -  it's 192.168.1.1.

My questions are:

1.   Is someone able to tell me what settings  I need to change on the RUT950 to allow remote access over the mobile network through the RUT950 to access the WAGO webvisu?

2.   Is it a problem that the RUT950 and the WAGO control unit currently have the same local fixed IP address.  Is this easy to change on the RUT950?

3.   When this is up and running, when remote access is required what do I physically type into my browser to gain access.  Is it as simple as http://12.345.67.890?  Or is there some additional address element required?

I feel my questions are probably ridiculously simple but having looked extensively for the information I haven't found these answers set out in a way I can understand.  Where I am going next week is quite remote so I'd like to go forearmed with as much info as possible.

Thanks in advance for any help.

Frosty

1 Answer

0 votes
by anonymous

Hello,

1. There are several options you can go with the remote access:

  • Port forwarding

The simplest solution for remote local network device access. It can be configured in the router's WebUI Network -> Firewall -> Port forwards section. There you have to specify the external port, which will then be redirected to the associated local device and service port you want to access. You can find more details about configuration options here. Keep in mind that port forwarding is not the most secure solution and for this I would suggest to make sure that you use strong passwords on the devices you enable access to, if possible, restrict access by source MAC, IP addresses, set unconventional destination port (if web interface is accessible via port 80, reconfigure this option in your controller to a more random number).

  • VPN

This solution provides more security. The go to options would be OpenVPN or Wireguard, however, Teltonika supports a number of VPN protocols. For the reference configurations, check the following links:

OpenVPN link. Instructions here are made for legacy design firmware, but apply for current RutOS as well.

Wireguard link.

Since these are Layer3 protocols, the LAN network you initiate the access from will have to be in a different subnet than the LAN network you want to access. As an alternative, to bridge the networks, you can use TAP mode of OpenVPN instead of TUN, but you will need to be mindful about the devices IPs on both networks. 

  • RMS

Teltonika also provides it's own cloud solution, Remote Management System, which allows to monitor and manage both, the router and the devices connected to the routers. The feature to allow remote access to your controller that I would suggest is VPN HUBs. You can see how RMS is configured to enable remote access in this video.

2. Briefly, it is a problem that the RUT950 and the WAGO control unit currently have the same local fixed IP address. It creates a routing conflict and one of them will have to be changed. In RUT240 it can be easily achieved by editing LAN interface settings in Network -> Interfaces section.

3. In case of port forwarding you will need to enter the public IP address of the RUT950 and the associated external port in the browser. If your solution is VPN or RMS, you should be able access the control unit by simply typing its LAN IP

Best regards,

by anonymous
Many thanks for this helpful response.