Portforwarding bug RUT241

If i tried to enable https access on RUT241 (RUT2M_R_00.07.04.4 ) WEBUI (System/Administration/Access Control) and login to that i only get to Login Screen, after sending User/Password device is unreachable (see pictures).

The same problem exists with every portforwarding. I wasn’t able to connect to the specified ports.
I use a lot of RUT240 (RUT2_R_00.07.02.7) and with exact same config and same SIM Card i can connect to that ports.

I do not understand what i should change now…Maybe anybody with a same probs and a workaround ?

Another bug which is present at a lot of firmwares is that the wizard to Config lan, wlan, mobile, RMS is didn’ change the ip of lan interface at the first time. You have to jump into the LAN wizard and do it twice for working.

Hi, I’ll assume that you don’t have any custom firewall rules configured, besides enabling HTTPS access, and will guess that this is likely some sort of MTU issue. Could you try to set MTU on your mobile interface to values such as:

  • 1420
  • 1460
  • 1500

and see if making any of these changes will let you to login to your device? I’d also try opening a private (incognito) window just to ensure that browser caching is not interfering here in any way whatsoever.

You should be able to change your mobile interface MTU value in advanced settings. You can also check out the wiki to figure out precisely where MTU value override setting is located at: [RUT241 Interfaces - Teltonika Networks Wiki]

P.S. just in case my assumption is wrong and you do have some additional custom firewall rules - can you please share it all here?

please check out your access to RUT241 with using dffierent WebBrowser, clean and clear cookies and existing certificates. I think even if you enter your username and password those credentials are not sent to device itself so you get the error with wrong access, even if you paste correct data.
I encoutered such behavior with RUT240 couple of times, after Upgrading/Downgrading software etc.

Hope this will help you.

Thank you.

I tried an other browser, and cleaned cache already. My solution was to use the old firmware. There remote ssl port for WebUI is available and all other portforwardings i configure.

The portforwarding is the same like i use all the time with older firmwares.
I think the new firmware RUT2M_R_00.07.04.4_WEBUI is buggy in case of portforwarding. Wireguard VPN works as usual but no portforwarding to custom ports. Wireguard port is opened by system but all other ports custom ports are closed.
With old firmware (RUT2M_R_00.07.02.7_WEBUI) everything works …

Interesting… Could you try to enable firewall rule to permit HTTPS access, then go into CLI of the router and issue this command:

/etc/init.d/firewall restart

This will restart firewall service fully, flushing all of the connections and loading up all of the iptables (nftables?) rules anew. You could then try to connect to the router via HTTPS and see if anything’s changed.

If firewall service restart doesn’t work then I would put TCP MSS adjustment on the list of suspects next, because this is a TCP session that’s failing, but UDP seems stable from what I hear. Perhaps introduction of nftables is messing with TCP MSS adjustments in some way, but don’t take my word for it just yet.

I think you might be right, as I see now notification that firmware RutOS 7.4.4 was withdrawn due to some bugs you might falling into.

With RUT240 I see now description:

RUT2_R_00.07.04.4 | 2023.06.26

Note: Firmware version RUT2_R_00.07.04.4 released on 2023.06.26 was removed due to an issue on certain modems with failing initial mobile connection after upgrading from RUT2_R_00.07.02.5 or lower.