Hello DaumantasG,
I will try one more time to change the Teltonika RUT240 from Passthrough to Bridge mode and replicate the problem to check again if something changes. I will try to share the T-Shoot file, but in a separate topic created for it (here I don't have the option, due to the fact that I'm not the creator/owner of this topic).
Generally speaking, configuration of every edge-router is very simple - whatever Vendor device I use: Cisco, Juniper, Huawei, Fortigate etc.
I configure following:
- interface (connected to Teltonika) set IP address to obtain it from DHCP
- create static-route/default-route to the Internet (facing Teltonika)
- check router's routing table and perform simple PING test sourced from obtained-IP-address-from-Teltonika to some Internet --> usually it's Google IP 8.8.8.8 or 1.1.1.1. Sometimes this simple PING is failing.
Topology is as follows:
Edge-router {interface-wan} (acquire IP from DHCP) ------ UTP 5 cable --- lan eth0 (Passthrough) Teltonika mo1s1a1 --- LTE network get public IP address from APN -- Internet
I suspect the reason why Passthrough is not fully working is incorrect handling of the traffic coming to it (or some mechanism is messing with it).
What I mean is: Teltonika is correctly assigning and leasing an IP address from its DHCP Server to the MAC address interface specified in the WebUI for mob1s1a1, which is OK, to the behind-connected device.
Then, the router not only receives its public IP address with a /32 prefix, but also a small virtual public subnet /30 (4-IP address subnet) created from the Teltonika DHCP Server, where:
- first IP address -- subnet (not usable)
- second IP address -- assigned to my edge-router
- third IP address -- virtual-gateway assigned to Teltonika via which traffic will be routed to Internet
- broadcast (not usable).
This "third" virtual-gateway IP address existing to Teltonika is not usable when defining default static-route as the correct next-hop IP address, because you cannot even ping it locally from edge-router to Teltonika.
This is the clue why sometimes devices are failing. Why?
For example, let's examine Juniper routers: wherever you create a static-route, you have to explicitly point to a next-hop IP address that is resolved from the interface into a usable and routable IP address, which in this case is not working and is blocking the traffic.
Cisco has no problem to define static-route and routing to DHCP service itself, so it's working OK.
ip route 0.0.0.0 0.0.0.0 dhcp
Huawei has some issue, and the static-route, even if it looks similar, is not working :/ not sure why:
ip route-static 0.0.0.0 0.0.0.0 GigabitEthernet0/0/9 dhcp
(Gi0/0/9 is interface connected to Teltonika)
Fortigate has no issue at all, it works fine.
Even though every vendor router/firewall device should acquire its default-gateway IP (to the Internet) from Teltonika and show it in its IP routing table, I prefer to define the static default route myself.
Now, with Legacy firmware 14.6 this third IP address as virtual-gateway was pingable (even locally) and you could easily create any kind of static-route using this IP as next-hop; now with RutOS it is not usable, and so even if Passthrough is kind of assigning an IP address, behind-connected devices will not have full access to the Internet.
I thought that the firewall might be blocking, and even created extra zones trusting everything LAN_to_WAN and WAN_to_LAN, but it's not the issue.
Finally, Zimantasbilu has informed me about my side-topic:
https://community.teltonika-networks.com/59854/solved-passthrough-teltonika-rut240-further-remote-management
In the upcoming RutOS 7.5, firewall rules etc. will be patched, so I'm waiting to see if something changes with Passthrough as well.
Kind Regards and thanks for reading this long comment,
Robert.