I am trying to set up MQTT on my RUT240 (lastest FW)
As this was not publishing (to 192.168.178.27) I tried to ping my network from the CLI and this doesnt work. Somehow this was expected ^^ ping to the RUT240 on 192.168.1.1 is working.
Teltonika RUT240 (LAN Port 192.168.1.1) → Network Cable → Unifi UDM Pro (192.168.178.1) → Network Cable → MQTT broker (192.168.178.27:1884 - I am using 1884 instead of 1883)
In the meantime I solved it via WiFi.
I connected the RUT240 additionally via WiFi (as client) to the UniFi network and now its working without static route.
Just to confirm, have you connected the RUT240 and the UniFi device but assigned IP addresses from different subnets to each? For the devices to communicate properly, both interfaces on either end of the cable must be within the same subnet. If they are on different subnets, they won’t be able to communicate properly.
No its not on the same net, this was the reason for setting the static route as the RUT 240 dont know by its own where the clients in the 192.168.178.0 net are located
From your screenshot, you have set 192.168.178.0/24 as the target network and 192.168.178.1 as the gateway.
If 192.168.178.0/24 is directly connected to the RUT device, there is no need to add a static route. The network is already associated with that interface. However, if it is not directly connected, then the gateway you specify in the route must be one that the device can actually reach. Right now, you are telling the device to use 192.168.178.1 as the gateway to reach 192.168.178.0/24, but that means the device already needs to know how to reach that network, making the route incorrect. You need to specify the gateway IP to be on the same network as the interface from which it should be reachable.
As for the MQTT - if you connected the UDM to a WAN port and are trying to access MQTT on the RUT from the WAN side, ensure that remote access is enabled for MQTT traffic. Also, check if ‘anonymous’ access is allowed.
Additionally, go to System → Administration → Access Control → Security tab and check if MQTT access from your IP was blocked. If MQTT authentication fails multiple times, it will increase the failed attempts counter, and once it reaches the configured limit (10 by default), MQTT traffic from that IP will be dropped.
@AndzejJ
thx for your answer.
I dont use the Broker, I use only the Publisher to publish the RUT stats to the Broker in the UDM network. The UDM is connected to the LAN port on the RUT.
Is the RUT LAN port connected to the UDM LAN port? If so, go to Network → LAN on the RUT and change its IP address to one within the 192.168.178.0/24 network. For example:
No, its connected to a WAN Port on the UDM.
Internet (SIM card) → RUT (LAN) → UDM (WAN - Secondary)
Internet (Cable) → FritzBox in Bridge Mode (LAN) → UDM (WAN - Primary)
In this case, the WAN port of the UDM should have an IP address within the 192.168.1.0/24 subnet. For example, if its IP is 192.168.1.50, you can configure a static route on the RUT as follows:
Interface: Lan
Target: 192.168.178.0
Netmask: 255.255.255.0
Gateway: 192.168.1.50
This ensures that the RUT knows it can reach the 192.168.178.0/24 network through the UDM’s WAN port (192.168.1.50). At the same time, the UDM will recognize that the 192.168.1.0/24 network is accessible through its WAN port, as it has an IP from that range.
The route looks fine on RUT. However, if you want the UDM to use the RUT240 as a secondary WAN source, you need to set the WAN2 gateway to 192.168.1.1. This ensures that the WAN2 interface on the UDM uses the RUT240 as its internet source.
That said, the RUT should already be able to reach the 192.168.178.0/24 network through the UDM’s WAN2 port.
Could you try pinging both from the RUT240:
The UDM WAN2 interface: ping 192.168.1.223
The broker (if it allows ICMP): ping 192.168.178.27
Also, could you provide the routing table from the UDM?
I solved the issue. As you suggested, I manually configured the WAN on UDM interface to use 192.168.1.1 as Gateway with 192.168.1.233 as static ip. Now its working without any static routes on the RUT and without the RUT WiFi as Client AP.
Ping to 192.168.178.1 and the Broker 192.168.178.27 is working, but not to 192.168.1.223. Dont know if it should work or not. For me the issue is solved. Thx for the support. Please let the thread open for some days for the case that it stop working.
UDM
root@UDM:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br2
x.x.x.0 0.0.0.0 255.255.255.0 U 0 0 0 eth8
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth7
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 tun1
192.168.178.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
@AndzejJ disregard its not working.
I disabled wifi but forgot to click on save so that the traffic was still routed via WiFi.
So I configured the static routes again for the 5 route types, but still not working.
Which route type do I need for ? All 5 ?
UDM routing table as shown in the last post.
RUT routing table:
root@Teltonika-RUT240:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default * 0.0.0.0 U 1 0 0 qmimux0
10.x.x.x * 255.255.255.255 UH 1 0 0 qmimux0
192.168.1.0 * 255.255.255.0 U 0 0 0 br-lan
192.168.178.0 192.168.1.223 255.255.255.0 UG 0 0 0 br-lan
root@Teltonika-RUT240:~#
root@Teltonika-RUT240:~# ip route
default dev qmimux0 proto static scope link src x.x.x.x metric 1
x.x.x.x dev qmimux0 proto static scope link metric 1
192.168.1.0/24 dev br-lan proto kernel scope link src 192.168.1.1
192.168.178.0/24 via 192.168.1.223 dev br-lan proto static
root@Teltonika-RUT240:~#
If you are unable to ping 192.168.1.223 from RUT with these settings, it is likely that the firewall on UDM is blocking the traffic that come to WAN2 (192.168.1.223) port. Check UDM firewall settings, specifically the WAN (WAN2) settings.
