subscribe to our Youtube


14455 questions

17168 answers


0 members

We are migrating to our new platform at Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
+1 vote
227 views 4 comments
by anonymous


I want to access a device that is connected to the RUT950 (mobile internet) via the LAN port over the RMS VPN.

The device is a test device (cab printer). It works fine if I set up the DHCP option, but some of our devices don't support DHCP and you have to set a static IP/Subnet/Gateway/DNS. We use a lot of RUT routers for a variaty of different projects and a solution would be great.
The DHCP options sets the test device to:

IP Subnet

The remote access from the rms portal works and also the access over the vpn connection with dhcp, but as I set a static IP,... it can't connect anymore. I manually set the IP and Subnet in the VPN hub routes, for example:

RMS VPN Hub routes (LAN forwarding active)
IP Subnet

and on the test device:

IP Subnet Gateway DNS

I tried to change the subnet to (the same as in the dhcp configuration), leave the gateway empty, change dns settings to, but nothing seems to work.

Can you help me to establish a VPN connection with a static device configuration?
I also included the troubleshooting file if that helps.

I appreciate any help you can provide as I am a bit clueless how to solve this problem.

1 Answer

0 votes
by anonymous


From the file, the ARP table of RUT950 does not contain an entry of Can you ping this device from the RUT950 via SSH?

Also, have you tried to configure a static lease from the RUT950? It can be done from Router's WebUI Network -> Interfaces -> Static leases page.

Awaiting for your reply.

Best regards,

Best answer
by anonymous

I am able to ping the mentioned device through ssh.

root@Teltonika-RUT950:~# ping
PING ( 56 data bytes
64 bytes from seq=0 ttl=64 time=0.621 ms
64 bytes from seq=1 ttl=64 time=0.533 ms
64 bytes from seq=2 ttl=64 time=0.591 ms
64 bytes from seq=3 ttl=64 time=0.538 ms
64 bytes from seq=4 ttl=64 time=0.526 ms
64 bytes from seq=5 ttl=64 time=0.601 ms

... but I am not able to ping it through the cmd utility from my windows computer that is connected through vpn.
Virtual IP from the RUT router is reachable,

ping with cmd*
Antwort von Bytes=32 Zeit=128ms TTL=64
Antwort von Bytes=32 Zeit=129ms TTL=64
Antwort von Bytes=32 Zeit=145ms TTL=64
Antwort von Bytes=32 Zeit=127ms TTL=64

Ping-Statistik für
    Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 127ms, Maximum = 145ms, Mittelwert = 132ms

 but the device ( ) isnt.

ping with cmd*
Antwort von Zielnetz nicht erreichbar.
Antwort von Zielnetz nicht erreichbar.
Antwort von Zielnetz nicht erreichbar.
Antwort von Zielnetz nicht erreichbar.

Ping-Statistik für
    Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0
    (0% Verlust),

*my cmd is in german

The new static lease didn't solve the problem either ( double checked correct MAC adress ).

The confusing part for me is that the remote access through the rms website works as expected, but the direct connection while connected with the VPN doesnt.

( I added a new troubeshooting file with the static lease )

by anonymous


I changed the device DNS to the routers IP adress ( - was set to before). I don't think that the router hosts a DNS service? At least it's not enabled under Network -> Interfaces -> General -> LAN -> DNS servers. There are some enabled options under Network -> DNS, like these:


Network - DNS settings
Log queries ON
DNS forwardings
Rebind protection OFF
Local service only ON
Listen interfaces OFF
Exclude interfaces OFF
Filter private ON
Localise queries ON
Description Netmask
Router RUT950
VPN hub virtual netmask
Device (printer) netmask

The netmask of the router and the additional device is . The virtual network netmask is also, but I found the device with the scan tool from VPN hub >> Routes >> Add route. It set the device to 

VPN hub - Routes config

And now the direct connection through VPN works as expected, but I am not sure why and I don't know if I could replicate the connection process if another device isn't detected through the scan tool from your website.
Do you know why it uses a different subnet mask for the VPN and why that works?

by anonymous


Good to hear that you have managed to solve the issue.

The newly attached troubleshoot file now does have in its ARP table.

The router does have DNS in dnsmasq package form. However, I do not see the relation between DNS and RMS VPN hub functionalities.

The virtual network netmask refers to the virtual OpenVPN network, used for communication through the tunnel, independent of the LAN subnets of the connected sites.

The VPN hub route refers to a specific device in your remote LAN, thus the need for subnet mask. If the route would point to address, then netmask would be correct, as it would route to a range of addresses within the network.

Best regards,

by anonymous
thank you very much for your reply. I'll have to dig into this topic to get a deeper understanding of the network topology and network communication. Can you recommend any specific literature?

Your answer was helpful, and I actually managed to replicate the process for a different project site and devices.

Have a great week :)
Best regards,