All traffic is redirected to tunnel

We are experiencing a lot of problems with RUT-951 routers from firmware RUT9M_R_00.07.06.3

The specific routers are equipped with the above firmware version and with 4G sim card. They are using an IPSec tunnel. When the failover is trigger due to the fact that the 4G connection is lost/renewed. All traffic is redirected into the tunnel which results that the devices within the LAN are losing their internet connection. At that moment, the device are going offline and the NFC-terminals can not get connection with their payment host. This results in an order of order situation from our Payment terminals. The only way to resolve this is to reboot the router.
Is this a know issue? What can we do to avoid this situation? A default route is configured with the IPSec configuration. We didn’t had any problem with previous firmware versions.


Thank you for question.

Is it correct that your default traffic going only over the tunnel, I believe over the tunnel should be only for a specified range of addresses, but not for, obviously it forces all traffic to go over the tunnel, maybe your case is designed to going over the tunnel for internet and so on?

Share with me routing information, execute this command route -n, and send results to me.

Also i would recommend you to update to 07.06.10 which is may to resolve problem - RUT951 Firmware Downloads - Teltonika Networks Wiki (

Kind Regards

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface U 4 0 0 qmimux0 U 1 0 0 br-lan UH 4 0

I have update the routers which experience the problem to the most recent firmware but still see the same problem. It looks like the problem is less frequent but due to a renew of the 4G connection, the router start to route all traffic into the tunnel. After a reboot of the router, it’s normal again. We need a permanent solutions. What do you suggest?


From your route information, I see that is fine at the current moment, it would be better to list routes when the issue appears, but anyway, I would ask you to download the troubleshoot file from the device and share it with me.
I will share with you instructions on how to share data with me.

Triubleshoot file you can download from device here:

Kind Regards

Hi Yevhenii,

it’s not clear to me how I can share data with you. I have filled in the form but I wasn’t able to add the data.

So you tried to send the file and what happened, fil didn`t upload or other problem appear?

kind regards

Hi @Tomvr,

You should have received an email in your inbox. Please respond to it and attach the troubleshoot file.

Best regards,

Hi Marijs, i have already replied on your email and filled in the ‘Teltonika community request for private communication’ but no-one has reached out yet. Not sure what I can do more.
I do have the trouble shoot file ready.

Hi Marijs, I receive a ‘Undeliverable’ response when I reply on your email. Any other suggestions? rejected your message to the following email addresses:

Community Networks (
Your message wasn’t delivered because the recipient’s email provider rejected it.


I’ve resent the email to you. Please double-check if you received it and reply with the troubleshoot file attached.

Kind regards,

Hi Marijus, I just made my 3th attempt to reply on your email but still get an undeliverable response. Can you provide me a support email address?


I have sent you multiple emails with only single “out of office” response. Please check your spam or other inboxes.

Best regards,


I did receive all your emails and replied to them but I do have the idea that the emails are not get to you. Do you have a support email address which I can use to provide you the troubleshoot logging?


You can try contacting us directly at via “Contact Us” form. As a reference you can supply link to this forum post.

Best regards,


Hi, @Tomvr

I have recieve your troubleshoot file:

Thu Apr 11 07:23:25 2024 local0.notice vpn: + == – ==
Thu Apr 11 07:23:25 2024 ipsec: 09[ENC] <toAzure-toAzure_c|1> generating QUICK_MODE request 760803930 [ HASH ]
Thu Apr 11 07:23:25 2024 ipsec: 09[NET] <toAzure-toAzure_c|1> sending packet: from[4500] to[4500] (60 bytes)
Thu Apr 11 07:23:32 2024 dnsmasq[5099]: read /etc/hosts - 4 addresses
Thu Apr 11 07:23:32 2024 dnsmasq[5099]: read /tmp/hosts/dhcp.cfg01411c - 0 addresses
Thu Apr 11 07:23:35 2024 Mobile data connected (internal modem)
Thu Apr 11 07:23:35 2024 Joined LTE network (internal modem)
Thu Apr 11 07:23:35 2024 Connected to Proximus operator (internal modem)
Thu Apr 11 07:23:49 2024 kern.notice Password auth succeeded for admin on HTTPS from
Thu Apr 11 07:23:49 2024 daemon.err uhttpd[2446]: vuci: accepted login for admin from
Thu Apr 11 07:23:54 2024 procd: - init complete -
Thu Apr 11 07:23:55 2024 dfota[6437]: Searching for WAN…
Thu Apr 11 07:23:55 2024 dfota[6437]: WAN found on interface: mob1s1a1_4
Thu Apr 11 07:23:55 2024 dfota[6437]: Preparing for gsm.modem0 update!
Thu Apr 11 07:23:55 2024 dfota[6437]: Searching for updates…
Thu Apr 11 07:23:56 2024 dfota[6437]: No update found!

From ligs i see that after initialization of IPSEC, WAN port is detected with mob1s1a1_4 - physical interface, but:
Thu Apr 11 07:30:23 2024 mwan3track[3486]: Check (ping) failed for target “” on interface mob1s1a1 (qmimux0). Current score: 6

And here is ping trying run over mob1s1a1, did you config any addtional interfaces ?

Go to Status->Routes->Static
And make screenshot like my:

With normal state when the internet is accessible and when your devices behind the LAN network, you can’t reach the internet, because from the current perspective it`s looks fine except interface mob1s1a1_4, so I need to differ between these 2 states

What is the meaning of (qmimux0)?

Hi, I have the same problem with IPSec and remote peer subnet as well. I have a RUTX50 with the latest firmware.