We just received a RUT240 that we would like to use for one of our project.
We are trying to use the router to connect one of our equipment to a remote server in order to control it from there.
We managed to connect as client in LAN with telnet to our remote server, by forwarding a port of our modem in LAN to the server address and port in WAN.
However, our equipment is used as server in our TCP connection, and we would like to know if it is possible to have the router to expose the listening equipment to our remote server.
Despite having defined port-forwarding from {Private Address Equipment:Port B} to {Remote Server: Port A}, we are not able to connect the remote server and the equipment.
Small schema to illustrate what we are trying to achieve :
Remote Server <—PORT A— | WAN | RUT240 | LAN | —PORT B—> Equipment ( role = server )
Thank you in advance for your answer. If you need me to detail some things, feel free to ask and I would try to give you as many information as possible.
Since you want to access your equipment from the Remote Server in WAN, you need to configure port forwards as follows:
Protocol: TCP (or TCP+UDP or All)
Source: WAN
External IP: Any (or WAN IP of RUT visible in Network → Interfaces)
External Port: Port, on which you will connect to the RUT to be forwarded to equipment. For example, port 8080
Internal zone: LAN
Internal IP: IP address of your equipment
Internal port: The port number on which your equipment listens. For example, port 80 (HTTP).
With this rule, when you connect from your Remote Server to RUT240 WAN IP: PORT 8080, you will be redirected to your equipment on port 80.
Please, keep in mind that your RUT240 needs to reachable from the remote server, i.e. to have a public WAN IP address.
First of all thank you for the quick answer @AndzejJ !
We already tried what you described and it indeed worked for the use-case you described : connecting from remote server as a “client” to our “server” in the router’s LAN.
However our remote server only knows the public IP address of the router once the RUT240 communicates with it (I should have emphasize this point, sorry).
We then would like to achieve something similar to this, where the connection to the remote server comes from the router (it might not have the exact same structure, but the same behavior) :
Remote server (role = server) <—|WAN|—{client}----{client}—|LAN|—> Equipment (role = server)
Have you ever heard of something similar being done ?
Is it possible to do it only through configuration ?
Might the “user’s script” tab help us to achieve what we want to do ?
Just in case you are wondering why we are not using RMS to first find our router’s public IP address to later use it : our client doesn’t want to use RMS and wants to keep remote access to its equipment only from our remote server.
On the (server) ← (client) — (client) —> (server) structure which, I will admit, seems strange in our case, we have to keep it.
I am really sorry but as I don’t want to give too many information, I will not say why.
What do you mean that you do not know the IP address of the router until it communicates with you? If it is because the RUT240 has a dynamic IP address that always changes, you can use DDNS (Dynamic DNS). This way, RUT240 will be reachable via a hostname that will be periodically updated so that if the IP address changes, the hostname will be resolved to a new IP address. DDNS information is available here.
Also, since the device is reachable, it means that you have a public IP address. If this is not a closed network (like with a private APN), you can create a VPN tunnel. This way, the remote server would be able to communicate with RUT240 and its LAN network devices without any issues (and securely). RUT240 supports many different VPNs. You can find more information here. As one of the more popular options, you can consider OpenVPN (you can refer here).
You perfectly summarized what I meant with the solutions you provided @AndzejJ : we need a way to insure we can always connect to the equipment despite the router having a dynamic IP address that will change overtime.
On the other routers we were already using, we had a piece of software on the router that would make the link between a TCP connection from the router to the remote server and the equipment connected to the router through a serial port, hence the “(server)<–(client)–(client)–>(server)” design.
The solutions you brought are the ones we think we will have to use to make it work, but we just wanted to make sure there was no other ways to do it by only configuring the router and without changing our design, since applying these solutions will result in our remote server to be the “client” of our TCP connection to the equipment through the router.
Thank you again for your time and explanations, we really appreciate it !
What do you mean by a serial port in this case? Are you using RUT240?
Generally, our devices that have a serial port, such as RUT956, TRB245, etc, have a ‘Serial over IP’ feature that basically allows you to communicate with a serial device over TCP. It can work either in server or client mode. In server mode, the RUT will listen on a specified TCP port and when some device connects to it, it will simply forward all data to the serial device. The client mode on the other hand, will try to establish a TCP connected to the specified host/server and if the connection is succesful, it will forward all data received on the serial port. This communication is bidirectional. You can find more information about this feature here and here.
Just to make sure I am not missing something :
Can you confirm me there is no options like OverIp on the RUT240 for communications between WAN and equipment connected to the router through Ethernet ?
Thank you again for all you answers, and sorry for disturbing you.
The description sounds like port forwarding to me, which was outlined in my first response in this topic. Essentially connecting to RUT240 and forwarding the connection to the device in LAN. However, in this case the communication will need to be initiated from some device in WAN or LAN. But since you have two servers that are waiting for the connection, this will not work. If you need the RUT240 to initiate a connection to both devices in LAN and WAN, and then forward the traffic between them, then you will need to write some script/application yourself.