I’ve tried every possible setting that I can think of so I might have changed something, but yes:
The LAN DHCP server gives addresses 192.168.189.100 - 192.168.189.249
The I static mapping och MAC
The router has LAN address 192.168.189.1
One can easily ping between units on the lan.
In order to reach the server behind the router I have installed ZeroTier, which works well. The address 10.147.18.XXX comes from here, so this is not the issue.
To summarize:
I need to be able to connect from inside the LAN to an external server, bidirectionally, using ports 443 and 8080. This is denied even though I have opened “port forward”. In other routers port forward is one thing and opening ports another, so it doesn’t feel right using “port forward” for connections initiated from the inside of the LAN.
For LAN → WAN connections, there is no need to open any ports. This is how most routers work. However, if you are initiating a connection from WAN → LAN, then the port forwards are needed. Even public IPs are not needed for LAN → WAN communication, as long as the connection is established from the RUTX12 LAN.
So if I understand correctly, the issue is that the LAN client cannot reach the server?
Yes, this is one problem. The Francotyp connects from LAN to an external server in two steps, where the second step (as their support says) uses port 443 and port 8080. It worked very well with RUT241 even though I had a non-public IP address, but it doesn’t work at all using RUTX12 despite similar settings as far as I can see and even though I have changed to a public IP address.
The other problem, that I could not reach the server in the LAN from outside, I have solved using ZeroTier. But it should have been possible just by using port forward as I previously did on RUT241. On RUTX12 it is not possible to connect to the server on the LAN from the outside despite opening port forward. Nothing happens and the connection is denied! Here it is not an urgent issue since I can use ZeroTier, but it should be possible without ZeroTier!
If you have a device that operates outside the RUTX12 LAN (and is not connected via ZeroTier), could you try running these commands via the command line (CMD for Windows, Terminal for Linux and Mac OS) and post the results:
Of course, use the full IP addresses when running the command and blur them out when posting the output.
Once again, the LAN device should have no problem reaching the internet even without the static IPs, so likely there are some issues with the configuration, or additional ports may need to be opened. If you do not have a lot of configuration on the device, I’d recommend resetting it to factory defaults and checking if LAN → WAN communication still does not work for the LAN device.
Another thing that could have an impact here is the MTU size. Please navigate to Network → Interfaces → General, edit the mob1s1a1 interface, and in the Advanced settings change the Override MTU option to 1350. This should be repeated for the mob2s1a1 interface.
I also have a port forward rule on port 8000 → port 80 on the server I can reach using ZeroTier, but the connection is refused there too when I try a web browser.
So the problem with opening ports still persists, I’m afraid!
Could you clarify if you have created a rule to open port 8080, or 8000?
Perhaps for testing purposes you could configure the DMZ (Network → Firewall → DMZ) to redirect all incoming traffic to 192.168.189.225?
The same firmware on RUT241 and RUTX12.
On RUT241 the setting is for failover and port forward from port 8000 (WAN) to port 80 (192.xxx.xxx.xxx) and it works.
Similar settings on RUTX12. Access is denied and nothing forwarded.
According to what is said I have changed away from failover to load balancing, but all traffic is still denied and nothing forwarded!
To diagnose the issue further, a remote session would be needed. However, as this is a public forum, we will not be able to organize it here. Hence, it is recommended that you reach out to your designated sales manager or the reseller from whom you acquired the device in question. They will be able to assist you in addressing this matter more effectively. If these channels are not an option, please fill out the Contact Us form here: Teltonika Networks - LTE Routers, Gateways & Modems for IoT