Hi All,
Below I describe in more detail what I found about the origin of the Passthrough problem, and a possible fix (I tested this with RUT240 firmware RutOS 7.04.2, then switched to the latest 7.04.5; it is also applicable to the RUT241 and works fine there, too).
Issue background and origin:
Once the Teltonika RUT240 mobile interface mob1s1a1 is set to Passthrough mode, the RUT starts to assign its SIM IP address, through the DHCP process and its internal Ethernet LAN port, to the device you are about to plug in. (If you decide to use the WAN port set as a LAN mirror bridge port instead, the effect is the same; it is just a different br- interface, as in my case.)
As the RUT240 router already has the default LAN subnet 192.168.1.0/24 created and in use on its LAN port interface [eth0, but in my case a br- interface], the DHCP server process in the first step tries to “temporarily” assign our device an IP address from that pool, 192.168.1.x/24, not the final SIM IP that we expect for our specified MAC address.
Then, in the second step, DHCP “recognizes” that for the defined MAC address it should not use the internal LAN DHCP binding 192.168.1.x/24 but our SIM IP binding. The private IP 192.168.1.x DHCP binding still exists but is no longer usable.
BTW: I see the same behavior on every router I tested, Cisco/Juniper/Huawei (set as a DHCP client interface): for a moment they get a private IP address from the pool 192.168.1.x/24, but after a short while it is changed to the expected, correct public IP address. I can see that behavior logged in the syslogs, anyway.
Next, following the DHCP process, the Teltonika RUT240 also creates specific L2 ARP entries in its ARP table (you can check it with the CLI command: ip neigh), which should match the current state of visible devices:
{IP Address} {interface} {MAC Address} {STATE result entry}.
However, this is where the RUT240 crashes and hangs and has a general problem.
It does exactly what the DHCP process tells it:
first → creates an ARP entry for the MAC address and assigns it some random IP address from the pool 192.168.1.x/24 – this is not cleared/flushed/deleted afterwards.
second → tries to create another ARP entry for the MAC address, for the Passthrough SIM IP address → here it crashes, gets stuck and has the entry as INCOMPLETE, or null (blank), etc.
This is the main reason and root cause why it fails at L2 ARP: the Teltonika is already holding the first entry, the private IP address, in its ARP table. That entry is no longer applicable here, as our device (router) will not have or use this IP, but it blocks overriding with the second, valid entry of the SIM IP for the MAC address in the ARP table.
In my case it looks like this:
192.168.1.140 dev br-lan lladdr e4:fc:82:dc:98:88 STALE
46.77.101.129 dev br-lan lladdr e4:fc:82:dc:98:88 INCOMPLETE
If we simply correct this second ARP entry, we have full access and 100% of IP traffic is forwarded correctly to the Internet.
The solution is very simple: clear and delete the first ARP entry (meaning a general refresh of it) and let the router learn the new ARP entry again by defining it as a static entry in the table. That’s it, nothing else.
Now:
Duplication of IP addresses does not occur on the interface of my Juniper SRX300 itself: in the end it gets the correct destination IP of the SIM card from DHCP (when I look at the router’s ARP table, the private entry disappears, it doesn’t exist) and creates a correct ARP entry only for the associated gateway IP address. But duplication does happen, and you can see it from the perspective of the RUT240: after running PASSTHROUGH at the same time, for the br-lan interface with DHCP, it first tries to lease a LAN IP address from the private pool 192.168.1.x/24 and then tries to replace it with the second, mobile SIM IP. At the final stage it holds only one valid entry in the ARP table, for the preferred subnet 192.168.1.x/24, with my Juniper’s MAC address assigned, and the other entry with the correct mobile IP is just ignored (in my case IP 46.77.101.129); it stays in a constant ARP INCOMPLETE state.
Teltonika developers promised to correct this behavior in a newer firmware version to be released soon.
The solution is very simple:
Log in via SSH to the Teltonika and execute two commands (sometimes you need to repeat them a couple of times, as this entry is not removed every time):
root@RUT240:~# ip neigh del 46.77.101.129 dev br-lan
root@RUT240:~# ip neigh add 46.77.101.129 dev br-lan lladdr e4:fc:82:dc:98:88
→ simply substitute your own correct SIM IP and MAC address
After that the ARP table should look like this (example, in my case):
192.168.1.140 dev br-lan lladdr e4:fc:82:dc:98:88 STALE
46.77.101.129 dev br-lan lladdr e4:fc:82:dc:98:88 PERMANENT
However, this solution works only until the RUT240 is rebooted, by either a soft reboot or a power outage; then it disappears and you need to repeat it, and it starts working again.
The router starts pinging something on the Internet:
admin@Router> ping 1.1.1.1 source 46.77.101.129
PING 1.1.1.1 (1.1.1.1): 56 data bytes
64 bytes from 1.1.1.1: icmp_seq=0 ttl=57 time=36.675 ms
64 bytes from 1.1.1.1: icmp_seq=1 ttl=57 time=36.939 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=57 time=44.814 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=57 time=33.685 ms
^C
--- 1.1.1.1 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 33.685/38.028/44.814/4.121 ms
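
The del/add pair above, wrapped in a check-and-retry loop, as an added example that is not part of the original post or Teltonika's own tooling. The function names are hypothetical, and it assumes the router's shell provides ip and awk; the sample values in the usage comment are the ones from the post.

```shell
#!/bin/sh
# Added example (not from the post): re-pin the Passthrough neighbour entry.
# Assumes BusyBox/iproute2 `ip` and `awk` are available on the router.

# entry_state IP DEV: reads `ip neigh` output on stdin and prints the state
# (last field) of the entry for IP on DEV, or MISSING when there is none.
entry_state() {
    awk -v ip="$1" -v dev="$2" '
        $1 == ip && $2 == "dev" && $3 == dev { s = $NF }
        END { print (s == "" ? "MISSING" : s) }'
}

# entry_mac IP DEV: prints the lower-cased lladdr of that entry; prints
# nothing when the entry is missing or has no lladdr (the blank case).
entry_mac() {
    awk -v ip="$1" -v dev="$2" '
        $1 == ip && $2 == "dev" && $3 == dev {
            for (i = 4; i < NF; i++)
                if ($i == "lladdr") print tolower($(i + 1))
        }'
}

# pin_passthrough SIM_IP MAC DEV [TRIES]: repeats the del/add pair from the
# post until the entry is PERMANENT with the expected MAC. Returns 0 once it
# is, 1 if it still is not after TRIES attempts (default 5).
pin_passthrough() {
    sim_ip=$1; dev=$3; tries=${4:-5}; n=0
    mac=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    while :; do
        table=$(ip neigh)
        if [ "$(printf '%s\n' "$table" | entry_state "$sim_ip" "$dev")" = PERMANENT ] &&
           [ "$(printf '%s\n' "$table" | entry_mac "$sim_ip" "$dev")" = "$mac" ]; then
            return 0
        fi
        if [ "$n" -ge "$tries" ]; then return 1; fi
        ip neigh del "$sim_ip" dev "$dev" 2>/dev/null || true
        ip neigh add "$sim_ip" dev "$dev" lladdr "$mac" 2>/dev/null || true
        n=$((n + 1))
    done
}

# Usage on the router, with the values from the post:
#   pin_passthrough 46.77.101.129 e4:fc:82:dc:98:88 br-lan
```

A PERMANENT entry is not refreshed by ARP, so the function has to be run again with new values if the SIM IP or the attached device's MAC address changes.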