subscribe to our Youtube


14455 questions

17168 answers


0 members

We are migrating to our new platform at Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
278 views 0 comments
by anonymous
Hi, bit of an odd question here. It seems I'll need to set up a router inside a facility behind their Internet-facing router, i.e. double NAT. Not ideal, but I don't think I can do anything about that. The facility's network will provide Internet access for the Teltonika, and LTE (dynamic public IP) will be used for failover in case of issues on the wired WAN.

I can ask the facility's IT people to forward ports to the Teltonika, so I'll be able to access what I need remotely. But I'll also need some sort of dynamic DNS for this, mainly because of the failover.

My question is, will DYNDNS work across a double NAT setup? I've tried to search and found some conflicting information. My impression is that it "should" work, i.e. the DYNDNS service should somehow be able to see the public IP (of the facility's WAN connection), but I found some threads on a different manufacturer's forum where users complained that their routers were wrongly reporting the internal (behind NAT) IP. It seems the actual practice varies, so I'm curious as to how the Teltonika does this. (I haven't decided on the exact model yet, probably RUTx11).

I noticed on the Wiki that there's an "IP Source" setting but I don't fully grasp what the different options really do. I also noticed the enormous warning on the top stating that private WAN IPs won't work, but I'm guessing that's mainly related to mobile connections, not cases such as mine where I have a certain degree of control over the Internet-facing router.

1 Answer

0 votes
by anonymous


Do I understand correctly, you want to be able to access your device remotely from both WANs: wired, through port forwarding, and mobile over DDNS?

If that is the case, here is how to configure the device:

In Network -> Failover page enable failover for wan and mob1s1a1 (if your SIM is in slot 1) interfaces.

Additionally, you can edit each interface and configure option Flush connections on as below:

Next, enable remote device access in System -> Administration -> Access control page. I suggest to change default port numbers for security, independent of which remote access option you will enable.

Configure port forward on your facility's router.

Configure DDNS in your Teltonika router. Example configuration is provided below, to tie hostname to mobile public IP:

Now your device should be accessible over both, port forward, and hostname of mobile interface.

Best regards,