FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
+1 vote
4,705 views 2 comments
by anonymous

Hey,

It looks like RUT240 resets (spoofs) the TCP session(s) and does not allow 3-way handshake to complete to my AWS server.

Taking tcpdump from the RUT240 and AWS can see the following:

1) internal host sends SYN 192.168.14.126 (NATed 46.211.103.130) towards the AWS server 52.19.186.42

2) Teltonika sends RST/ACK back to the client with the src IP address of the server 52.19.186.42

The tcpdump was taken from the AWS EC2 instance, there was no SYN from the 46.211.103.130

https://www.cloudshark.org/captures/c8f702448f9f

Thanks,

Myky

2 Answers

+1 vote
by
Hi,

Could you describe more details about your solution, what you want to make?

Seems you have connected device to RUT240 which should communicate with AWS? Who is that device and how it should communicate with AWS? What protocols are used for communication with AWS?
Best answer
by anonymous

Hello,

Thanks for getting back to me. 

That is correct, l have UniFi AP (192.168.14.126) behind RUT240 that is suppose to establish a connection to my AWS server on the TCP-8080.

Once the session established, AP sends keepalive messages. This way you can always manage it via the controller. 

Occasionally, maybe 3-4 times a day connection drops. While the connection was in the broken state, l took tcpdump from the RUT240. 

As you can see all packets have TTL of 64, means they are local (initiated locally, as default TTL for Linux is 64) and were not router. 

Thanks,

Myky

0 votes
by anonymous
Hello,

Looks like Unify (192.168.14.126) is sending two SYN frames at once (which can be seen from the time codes and the SEQ/ACK analysis which shows that the second frame is out-of-order), which is not allowing the three-way handshake to complete.

This can be caused by multi-path routing. So I recommend that you overview your routing policies and firewall rules.

If you're unable to find the issue, maybe you could provide some additional info (topology, troubleshoot file, etc.)?
by anonymous

Thanks! l will give a go. The network itself is simple, RUT is a gateway for UniFi. AWS is a publically-facing server. 

Overall l am very impressed with RUT240, it is a cool device.yes