FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
553 views 15 comments
by anonymous
Hello,

I have configured a RUT241, which receives an ip wan with a sim card to connect to a private network

when i ping this ip address, i have a connection

I have enabled access to the webui with wan but I can't connect

2 Answers

0 votes
by anonymous

Hello,

  

Could you try enabling Remote SSH Access in System → Administration → Access Control and see if the SSH becomes available from the WAN?

Also, are you trying to reach the device from the private mobile network (not the LAN of RUT241)?

  

Best regards, 
DaumantasG

by anonymous
Yes, it is activated and I test well on the ip private mobile network
by anonymous
Just to clarify, the SSH is reachable, just not the WebUI, correct?

Best regards,
DaumantasG
by anonymous
with cmd i can ping the ip but with the browser impossible to reach port 80 for WEBUI
by anonymous
And what about port 443 via the browser and 22 via an SSH connection?

Best regards,
DaumantasG
by anonymous
I have tested with port 80, 443 and SSH port 22 none of which work
by anonymous

Hello,

   

Just had a look at the troubleshoot. You seem to have created a rule named "Teltonika", which redirects port 80 traffic to LAN. This rule is not needed, as the WAN access rule is created, once WAN access is enabled in System → Administration → Access Control.

Try deleting this rule and see if anything changes.

 

Best regards,
DaumantasG

by anonymous
Hello,

I just tried with this setting but it doesn't work
by anonymous
when i test with the remote pc with telnet, i get the message "could not open connection to the host, on port 80"

I have tested with the firewall of the pc on and off
by anonymous

In the firewall statistics, I can see that no packets from the mobile interface have reached/tried accessing the device. Are you sure that the RUT241 is replying to ICMP messages and not the gateway along the route?

I'd recommend setting the wired WAN interface to a static IP, setting the static IP on the PC in the same network range as the wired WAN, and trying to access the RUT241. If you can reach the WebUI, the issue is somewhere in the mobile network.

Also, when trying to reach the RUT241 from the mobile side, are you receiving the message "Connection refused" or "xxx.xxx.xxx.xxx took too long to respond."?

  

Best regards,
DaumantasG

by anonymous
I can't connect with the pc because it's a windows server which is on the same network as the sim card

and with cmd I can ping the ip wan of the rut

it's when I want to reach a specific port that it doesn't work
by anonymous
What about port forwarding to LAN? Does that work? Or is it also unreachable?
  
Best regards,
DaumantasG
by anonymous
yes in lan it works
by anonymous
but in wan not
by anonymous
Hello,

  

In this case, I'd recommend factory resetting the device, enabling the WAN access, and trying to access it from the WAN. There are no issues reported with this feature, so the issue is most likely somewhere in the network.

You could also try using different devices to access the RUT, clearing the browser cache, etc.

Also, by my last question, I meant does the port forwarding work from WAN to LAN? Can you reach the LAN devices from your private mobile network after setting up port forwarding?

  

Best regards,
DaumantasG
0 votes
by anonymous
I have same issue. I can't access webui from external.

My Device:

Firmware version RUT2_R_00.07.04

Kernel version 5.4.229

I did router reset by pressing the button. I have only a sim card in (no lan cable plugged).

Installed the package DDNS. Configured it.

In SYSTEM  >  Administration  >  Access Control  >  WebUI

Enable remote HTTPS access  ON  Port 443

It seems that the traffic rule is blocked. I can't access from mobile sim IP.

I cannot ping the RUT240 neither SSH from outside.

Any ideas?
by anonymous

It seems that the traffic rule is blocked. I can't access from mobile sim IP.
I cannot ping the RUT240 neither SSH from outside.
Any ideas?

One possibile reason is that your Mobile Carrier is doing CGNAT in their own network.
So, single public IPv4 address is shared and utilitized by many users at the same time in Internet.

In this case, your incoming traffic from (outside) Internet destined to port 443/HTTPS or 22/SSH is not targetting your destination RUT device. It is lost or blocked(filtered), as you noticed.
Generally speaking, usually in scenario when NAT is in running in network, you need to create DNAT 'port forwarding' rule from outside (public) to inside (private) IP address to reach specific device, like for ports 443/22.
This should be done at Carrier level.

Not much you can do by yourself in such situation. You can contact your ISP and ask for some advice and their policies in such matter. Maybe you can pay them some extra cash to obtain fully routable IP address or ask for change IP address to present in Internet as public or try to set manually APN.

Second thing, try to change common well known ports for 443/HTTPS or 22/SSH into something else e.g. 10443 or 1022 etc. Maybe this can help.

Alternatively, you may rely on DDNS Service and register (subscribe) to some website offering such service.
Thanks to that, your RUT device will be announcing its IP address to dedicated DDNS, and you could connect to it by using some domain-name as URL instead of IP address. Good luck.