Hi. I’ve spent days trying to get bridge mode and IP passthroug modes working on the rut200 and rut901 routers. Both have got the latest firmware applied. Both work fine in nat mode but have similar problems in both bridge and passthrough modes.
On the 901, the SIM IP address gets passed to the target lan device and traffic from Lan to internet via the SIM works however traffic from internet to Lan doesn’t get through. Clients usually get a connection refused. However if the Lan device initiates any traffic Lan to internet then incoming traffice will be successful for 10 seconds or more but then gets refused again.
On the rut200, outbound traffic is ok but inbound traffic doesn’t get through at all even if the Lan device has made some recent outbound traffic.
I’ve followed the various guides and advice on the teltonika forums to configure this but with no success.
I’ve tried it with DHCP on my target device and it correctly is assigned the SIM IP and gets a .252 subnet mask so just two IP’s - one being the wan IP correctly assigned to the device and the next IP address up is set as the default gateway and that seems to map to the Lan interfaces on the router and I can even access the router web pages using that IP.
The documentation suggests the firewall, port forwarding and dMz functions are not used in these modes but in case they were causing traffic to be dropped I’ve also tested it with the firewall rules set to accept all and to forward all to my Lan device. It makes no difference. It just seems like these routers bridge and passthrough modes simply don’t work. Is this a known issue? I bought these routers specifically for bridge mode and if that modes doesn’t work they are useless to me. Anyone managed to get it working and if so how please??
P.S. do I need to use DHCP in bridge/passthrough? I would prefer to just set my target devices up details manually.
Thanks
Hi
It looks like I have the similar issue with a RUT241 in bridge and passthrough, in NAT it works fine. So either we are both missing a crucial change in the config when changing to bridge or passthrough or otherwise they are both having the same issue. See RUT241 in Bridge or Passthrough with 4G unstable
Dennis
Hi,
Connection refused usually comes from firewall refusing packets. Are you sure that your LAN device’s firewall allows inbound connections?
Hi. Yes not a firewall issue on the lan device - same device works fine under NAT instead of bridge and I’ve in any case switched off all firewalls. I can run tcpdump and the traffic doesnt even get to the lan device. I’ve poked around on the RUT devices and I dont see any useful tools like tcpdump on there to prove the incoming traffic is getting past the usb0 modem device or attempting to be passed out the br0 or eth0 devices. Switch back to the NAT and the traffic gets passed to the lan deevice just fine (In NAT mode I basically set the RUT firewall to accept all and forward all traffic to the target lan device). I have also tested the lan device with exactly the same IP config that it gets when configured in bridge mode and then used another local device to simulate sending it traffic on the ports the applications are expecting and it gets through fine. I’m pretty sure the issue is with the RUT devices. The fact that on the 951 it sometimes works (as long as it has seen some sort of outbound traffic within a few seconds previously - which doesnt need to be for the same IP as the ones that are trying to send data to it - just a ping to any IP outside of the RUT seems to make invomcing traffic get through - briefly). On the RUT200 however even that doesnt happen. I read in another thread somethign about subnets being a potential issue. I’m pretty sure the static IP issued by the mobile network comes with a /32 subnet mask and in bridge mode, both RUTs allocate a /30 (4 addresses of which two are usable - one being the mobile one which the RUT does assign using DHCP to my device and the next address up it seems to bind to itself as the RUT is accessible from my lan device on that next address as well as it 192.168.1.1.). All the docs suggest in bridge mode the firewall functions of the RUT are disabled and I had set them up to allow all anyway but the symptoms are very like the RUT just turning away all inbound traffic when in bridge mode.
Oh and I should add - when in bridge mode I can use nc from the command line of the RUT to connect to the LAN device on the bridged IP address and it works fine. That proves that there is no firewall issue on the lan device. It just seems the RUT does not pass on incoming traffic from the mobile network to the lan device when in bridge mode - but it is happy to route outgoing traffic from the lan device to the mobile network and beyond.
Hello,
I’m sending you a form to fill out to help us gather more information about your issue. Once you’ve submitted the form, we’ll contact you privately to troubleshoot the problem in more depth. Please use “10329” as the Ticket ID when filling out the form.
Best Regards,
Hi Martynas. Thanks for responding. Can you resend the form please - nothing has arrived?
For info of others. It appears the “subnet selection” option affects whether the RUT issues the bridged IP details with a /30 mask (“Auto”) or a /32 mask (“P2P”). It seems to make no difference to the problem I’m experiencing on either the RUT200 or the RUT901 other than that one of my test devices doesnt auto create the routing table entries correctly with the /32 mask (the router IP is outside of the subnet of its IP and I need to set it manually. After which it works only as with the Auto option with traffic outbound OK and inbound only working for around 8 seconds after some outbound traffic request has been made.
Hello…
Agree… Bridge is not working at rut200.
So… I solve this issue, using routing mode between four RUT200. RUT200(1) - 192.168.0.1/26 is the master with static route the networks, behind the other three rut200.(192.168.0.x/29)
I disable NAT and change firewall rules to accept.
I use the WiFi to connect remote RUT200 (2/3/4) to RUT200(1).
Hi. This wouldn’t scale for me as I wish to deploy to hundreds of sites. II am in conversation with Teltonika on this who agree this is an issue with firmware/chipset and they are working on a solution. Hopefully it wont take too long. Glad you have something that works for you though.
This topic was automatically closed after 15 days. New replies are no longer allowed.