Port forwarding RUT140 with PLC S7-1200 OPCUA

Hi,

I am currently working on a project that involves a Teltonika RUT140 router and a Siemens S7-1200 PLC. I have set up port forwarding to enable access to the PLC via OPC UA (port 4840), but I am encountering issues where the connection is not working as expected.

Could you please help me identify what might be the issue or if any additional configurations are required for the port forwarding to work correctly?

Your guidance would be greatly appreciated. If you need any further details about my setup, I am happy to provide them.

Thank you for your time and support.

@MTBH Hello,

Could you clarify whether you want the RUT device to simply route/forward TCP/IP traffic so you can reach your PLC, or if you need the RUT device to collect OPC UA data and send it periodically to your server?

  • If it’s about routing/forwarding, please share your configuration and explain how you are trying to reach the device. Are you using a public IP address, VPN, or a private APN network?
  • If you need the RUT device to collect and send OPC UA data, we have a configuration example available here: OPC UA Configuration Example.

Kind Regards,

Hi AndrejJ,

I need the RUT device to simply route/forward TCP/IP traffic so I can reach my PLC and read data from it via OPC UA, which will be used for creating my SCADA system.

@MTBH Hi,

Thank you for the information!

Could you share the port-forwarding rule you created?
Have you made any other changes to the device besides setting up port forwarding?

Also, are you using Ethernet WAN or WiFi WAN? If possible, please provide a topology diagram with marked IP addresses and ports to help get a better understanding of your setup.

Kind Regards,

Hi,

In this TRB setup, we are using a SIM card to connect to the internet. Since the IP address provided by the internet provider is dynamic, I created a DDNS (Dynamic DNS) and it is running.

After that, I configured port forwarding from port 8000 to the OPC UA port of the S7-1200 PLC, which in my case is 4840.

In the “Zones” section, I enabled the masquerading option.

In the “Traffic Rules” section, I added a rule to “Open ports on router” for port 8000.

The architecture of our system is as follows: the PLC, HMI, and TRB140 are connected to a switch via Ethernet cables.

I hope this information helps you assist me with my issue.

@MTBH Hello,

A few notes here.

Firstly, I would strongly recommend setting WAN => Accept zone Input to Reject or Drop. If you have a public IP address, this is insecure.

Secondly, you have the port-forwarding rule configured correctly (assuming the ports and IP are correct). This will work without additional “Traffic Rules”. I recommend deleting the “PLC” traffic rule and restarting the firewall/device.

Other than that, the configuration looks ok.

If the issue persists, could you please try enabling remote HTTP access in System → Administration → Access Control and trying to access the RUT itself from the internet using its DDNS? Does it connect?

Kind Regards,

Thank you for your suggestions.

I have changed the WAN settings as you recommended, deleted the “PLC” traffic rule, and enabled remote HTTP access, but I’m still unable to access the TRB from the internet using the DDNS.

Additionally, is it normal for the DDNS IP address and the WAN IP address to be different?


Best regards.

Hello,

No, those IPs should be the same. If they are different, it likely means your device has either a private IP or a CGNAT IP, which makes it inaccessible from the internet.

Private IP ranges:

10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255

CGNAT IP range:

100.64.0.0 – 100.127.255.255

If your device has an IP from these ranges, you may need to contact your SIM provider to check if a public IP is available. If it is, they will usually provide a specific APN, which you can configure in Network → WAN → edit Mob1s1a1 on your mobile interface.

If a public IP is not an option, you can use a VPN. However, a standard VPN requires a server with a public IP. If this is not available, you can use VPN solutions like RMS VPN Hubs or ZeroTier, which do not require a public IP.

Kind Regards,
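
The check described in the reply above, as an added example that is not part of the original thread: it classifies the router's WAN address against the listed private and CGNAT ranges and compares it with the address the DDNS hostname resolves to. The function names and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress
import socket

# Ranges exactly as listed in the reply above.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CGNAT_NET = ipaddress.ip_network("100.64.0.0/10")


def classify_wan_ip(addr):
    """Return 'private', 'cgnat' or 'public' for an IPv4 address string."""
    ip = ipaddress.IPv4Address(addr)
    if any(ip in net for net in PRIVATE_NETS):
        return "private"
    if ip in CGNAT_NET:
        return "cgnat"
    return "public"


def diagnose(wan_ip, ddns_ip):
    """Compare the router's WAN address with the address DDNS publishes."""
    kind = classify_wan_ip(wan_ip)
    match = ipaddress.IPv4Address(wan_ip) == ipaddress.IPv4Address(ddns_ip)
    if kind != "public":
        return (kind, match, "inbound port forwards unreachable: ask the SIM "
                             "provider for a public-IP APN or use a VPN")
    if not match:
        return (kind, match, "WAN address is public but DDNS points "
                             "elsewhere: check the DDNS update")
    return (kind, match, "addresses agree: the port forward is reachable "
                         "if the firewall rule is correct")


def resolve_ddns(hostname):
    """Look up the IPv4 address a DDNS hostname resolves to (needs network)."""
    return socket.gethostbyname(hostname)


if __name__ == "__main__":
    # Constructed sample pairs: (WAN address on the mobile interface,
    # address the DDNS hostname resolves to).
    samples = [("10.45.12.7", "203.0.113.10"),
               ("100.72.3.9", "203.0.113.10"),
               ("203.0.113.10", "203.0.113.10")]
    for wan, ddns in samples:
        print(wan, ddns, diagnose(wan, ddns))
```
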

Hello,

Thank you for the information.

I will contact the SIM provider and try to get a public IP. Once I have it, I will attempt to connect to the TRB remotely.

Best regards.
