FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
225 views 7 comments
by anonymous
I have a problem setting up Port Forwarding in the following configuration with TRB140: wan side SIM: APN IP address 10.231.64.1/32, lan address: 10.0.0.11/24

I set Port Forwarding to From:AnyHost in wan at Port 8000 To:IP10.0.0.1, Port 80 in lan.

I access from PC with IP address 10.42.168.221, remote access to TRB 140 works (both ports 80 and 443) but port forwarding does not work.

Please advise what to set..

1 Answer

0 votes
by anonymous

Hello,

  

Your network topology would be helpful here.

Is your PC connected to the same LTE network? 

Are you using a private APN from your provider?

Are you using the latest firmware version?

Could you also share your troubleshoot file? It can be generated by navigating to System → Administration → Troubleshoot and can be attached to the original post. It will only be visible to Teltonika moderators.

  

Best regards,
DaumantasG

by anonymous

Hi , thank for reply:

Your network topology would be helpful here. - Uploaded to original post.

Is your PC connected to the same LTE network?  - PC is part of company LAN, remote access to TRB Web is working so routing seems OK, all communication is done inside private LAN network on private IP adresses, no public IP adresses are used

Are you using a private APN from your provider? - Yes, it is private APN

Are you using the latest firmware version? - TRB1_R_00.07.03.2

Could you also share your troubleshoot file? - Uploaded to original post.

Regards Vladimír

by anonymous
Hello,

  

could you try specifying the source port as 8000, and leaving the external port empty?

  

Best regards,
DaumantasG
by anonymous
Hello, I set:

external zone: wan,wan6,mob1sta1

source port:  8000

external port:  empty

internal zone: lan

internal IP : 10.0.0.1

internal port: 80

It is stil not working

Regards Vladimír
by anonymous

Could you verify that the packets are not coming through?

A tool called TCPdump can be installed to monitor traffic on different interfaces. To install it, log into the SSH/CLI, and run these commands:

opkg update (ignore the errors at the end)

opkg install tcpdump

tcpdump -i wwan0 (to monitor the incoming packets)

tcpdump -i br-lan (to monitor the packets within the LAN network)

Perhaps the packets are not even reaching the TRB140? Also, please keep in mind that pings will not reach the client, as only TCP and UDP packets are allowed through. For troubleshooting purposes, I'd recommend selecting the protocol as All, to forward all of the packets to the client.

Let me know if you notice anything.

  

Best regards,
DaumantasG

by anonymous

Hello, I installed tcpdump but tcpdump -i wwan0 command says, that there is not such device, how can i get correct name ?¨

Thanks Vladimír

by anonymous
Hello, thanks for advise, i dumped packets on wan input:
16:17:31.898460 IP 10.42.168.112.63676 > 10.231.64.1.8000: Flags [S], seq 2257517421, win 64896, options [mss 1344,nop,wscale 8,nop,nop,sackOK], length 0                                                                                                                                     
and also on LAN side:
16:14:30.818204 IP 10.42.168.112.63647 > 10.0.0.1.80: Flags [S], seq 1048613152, win 64896, options [mss 1344,nop,wscale 8,nop,nop,sackOK], length 0                                                                                                                                                                        

And it shows that packets/ports are forwarded by TRB 140 as requiered, and  also here we saw the problem why connection is not working. Source address is from different network 10.42.x.x and WEB on 10.0.0.1:80 sends answer back wia default GW not wia my TRB on 10.0.011. I tryed to write NAT rule from WAN to LAN to change source address and it seems to be working.  
Thank you very much for help a reasonable advise
Best regards Vladimír
by anonymous
Hello,

  

Glad you solved it. Indeed, this could have been the issue.

If possible, I'd ask you to share the rule you used, so in case anyone else stumbles upon this issue, they could try this as a solution. Thank you!

    

Best regards,
DaumantasG