FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
342 views 9 comments
by anonymous
Recently I have found it not possible to connect to the router via HTTP despite making sure the option is enabled and the firewall is open to HTTP port 80. What is confusing is despite enabling this function, under the status view it indicates that the function is disabled. I am able to retrieve  the public IP via SMS and by ddns however the router fails to respond. The firmware is currently up to date, and I currently cannot reset the router to factory in case I lose the connection to reapply settings. Any advice appreciated. I have attached screenshots of Administration Remote Access Control screen and Remote Access Status screen conflict.

1 Answer

0 votes
by anonymous

Hello,

Could you check if Enable_HTTP_WAN and Enable_HTTPS_WAN rules are enabled in Network -> Firewall -> Traffic rules?

Best regards,

by anonymous

Hello ZygimantasBiliu,

Thanks for reply, yes the firewall is open to Wan Http under traffic rules, attached screenshot.

by anonymous

Have you managed to solve the issue?

Would it be possible to get a troubleshoot file from your device for deeper investigation? The file can be downloaded from System -> Administration -> Troubleshoot section.

by anonymous

No, I still have not been able to connect remotely via HTTP. I think there may be a blocked port on the mobile service provider side, which is strange as the mobile service provider has verified that port 80 is open. I can connect via RMS without issue. I have attached the troubleshoot file.

https://community.teltonika-networks.com/?qa=blob&qa_blobid=14700449786600390452

by anonymous

There are many leases from your ISP through your logs starting with 100.x.x.x, your DDNS domain name also resloves to a similar address, which I assume is a CG - NATed address. 

Could login to your device via SSH and check, what is the result of the following command:

  • curl ifconfig.co

Or simply check, whether the result of google search with "what is my ip"?, accessing internet via your router's WAN also starts with 100.x.x.x.

by anonymous

Thanks for the quick reply. There is an enabled OpenVPN client setup on the router which operates on the 10.100.10.x ip range which I can also connect to without a problem. It is only the direct links where it fails to connect. Even the direct SSH on port 21 fails, however I did connect as requested via RMS and received the IP 41.13.243.51 . I was unable to run a "whatsmyip" from behind the router as I do not have a terminal that can run that command, however the router WAN address reported in the status is different and recorded as 100.97.171.44 at the time. Attached captures of request.

by anonymous
In your case, remote HTTP(S) access and DDNS service will not work.

OpenVPN works, because client's instance requires only internet access, it does not need to have a pubic IP.
by anonymous
Ok, thanks for the clarification. Just to understand correctly, I would need to disable the openVPN client to allow direct WAN access?
by anonymous
You do not have to disable VPN. What you need is a public IP. In many instances it is actually a paid service, and not always provided for private clients. What is currently assigned to you by the ISP, the various addresses from 100.x.x.x pool, comes from your provider's intermediate network, before actually going out to the internet. This is done due to limited amount of publicly routable unique addresses, to increase the number of connections.
by anonymous
Thanks, understood. I will refer to the service provider..