FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
422 views 7 comments
by anonymous
I have a SIM that comes with a /30  IPv4 routed subnet + 1 IP for the wwan0 interface, and am struggling to get this working. I have given the router the first usable IP on the LAN and a test PC the last usable IP but I can't get on the internet.

I cannot see an obvious way to completely disable NAT. I can create NAT policies but this seems more like for doing port forwards.

Is there a guide to setting up a RUT240 in this way?

1 Answer

0 votes
by anonymous

Hello,

Thank you for reaching out!

I believe the option you're looking for is bridge or passthrough mode. This can be configured by navigating to Network → Interfaces → Edit MOB1S1A1 interface and set it to one of these modes. Differences between them:

  • Bridge - bridges the LTE data connection with LAN. The device assigns its WAN IP address to another device (first connected to LAN or specified with MAC address). Using Bridge mode will disable most of the device’s capabilities.
  • Passthrough - in this mode the RUT240 shares its WAN IP with a single LAN device (first connected to LAN or specified with MAC address). The LAN device will get a WAN IP of RUT240 instead of a LAN IP. Using Passthrough mode will disable most of the device’s capabilities.
  • More information about these modes can be found here.

In both cases, the router will be accessible by setting a static IP on the PC and navigating to the previously set private IP (192.168.1.1 is the default). This configuration will also depend on how the carrier handles IP address assignment.

Let me know if this doesn't help.

Best regards,

DaumantasG

EDIT: If public IP addresses are not needed on devices, this response may also be helpful. This will also let you keep all of the router functions.

by anonymous

Hmm. I have sufficient IP addressing that both the firewall and the router can have a public IP address. I would prefer this as then we still have management access to the router through its public IP address. Ie, I want the routed subnet to be routed.

Diagram of how I want it to work:

by anonymous

Hello,

In this case, it should be enough to disable the Masquerading in the WAN zone.
To achieve this, navigate to Network → Firewall → General Settings. Then disable the Masquerading option for the WAN zone.

After disabling it, a firewall restart might be necessary. This can be done by simply restarting the router or navigating to System → CLI.

Login is always root, the password is the same as for WebUI. From there, run the command:

/etc/init.d/firewall restart

And that should be it!

Let me know if any more information is needed!

Best regards,

DaumnatasG

by anonymous
OK, I had already done this. I am going to factory the router and start again.
by anonymous

Should I be able to see traffic to the routed subnet if I do a tcpdump on wwan0? I am suspicious that the provider is not actually routing the routed subnet to us because when I ping all three IPs from outside, I only ever see traffic to the wwan0 IP [109.109.149.68]

by anonymous
Could you also verify that the LAN devices can reach the internet and have IP addresses assigned to them?

This does sound like it could be an ISP issue, however, let's verify, that RUT240 is doing everything as it should.
by anonymous
Issue was with the routed subnet, provider had not provisioned it properly. All working now in "NAT" mode with NAT turned off.

I think this mode should have a different name as it is confusing.
by anonymous
Hello,

Glad it's all sorted now.
Masquerading is an IPtables term, that's why it's named like this in our implementation.
If this question ever arises with our RnD team, I'll make sure it gets mentioned.

Best regards,
DaumantasG