I use a RUTX12 arround 2 years. Since 2-3 months I have a big problem with bulit in modem.
I use it for monitoring and I have a 10Gb sim card from my provider.
Since 2-3 months modem send a data when all is closed. In latest firmware I can close all ports. When all ports all closed and wifi is also closed, modem still transmiting any datas to internet. I maked restarts, factory reset - nothing. Still this some. All services are closed.
any help will be apreciated because 2-3 days in month and my simm card is empty.
What firmware version do you have installed on your RUTX12?
If the device consumes 10 GB in 2-3 days when nothing is connected to it (and the device was factory reset), it may be related to incoming traffic.
Do you have a public IP address by any chance? Do you have an option to use a different APN where you can get a private IP address? If so, I would suggest trying that. This way, the router will not be reachable over the internet.
Also, navigate to Network → Firewall and change the WAN zone options from ‘reject’ to ‘drop’. This way, if someone tries to connect, but it is not allowed on that port, the device will not send a response.
Also, for monitoring purposes, I would suggest installing a Darkstat package. You can refer to the darkstat page for more information here. You can also find basic instructions here . If your device does not have anything connected to LAN, I would suggest editing
/etc/config/darkstat configuration file from CLI and setting interface to qmimux0 (mobile interface).
I have firmware v R_00.07.05.4, and public IP also (need it for special connection of my radio because I’m HAMoperator).
I maked investigation and I saw that I had a lot of questions form IP: 10.250.5.56 form diffrents ports to my router. This incoming questions make a traffic (arround 48Mb per half hour). I change WAN options form reject to drop (your sugestion) and it helped. I will check it once again.
Is there anything else that can be done?
If you have a public IP address, your device is exposed to outside networks.
If possible, I would suggest using switching to private IP address and using a VPN in client mode for remote access. In this case, you will need a VPN server with a public IP address to which you can connect.
I asked my local friend who is IT specialist. He told me that I must flashing my RUTX12. Probably is infected and send spam to networks.
Factory restet not helped.
What I can do now? Where I can find flash to my router?
Any help will be apreciated from hepldesk teltonica
To completely reflash the firmware from scratch, you can follow the bootloader procedure described here.
I am not sure if this will help, as a factory reset didn’t help, and changing the firewall settings to drop packets instead of rejecting them resulted in decreased data consumption. I would suggest to try using a private IP as I mentioned before, because from the router’s side, you cannot do much aside from dropping packets.
Today I brought router to home. It was around 100km from my location.
Inside home I:
- Removed SIM card from slot nr 1,
- I was reslash firmvare in botloader procedure,
- Firmware are from this side: RUTX12 Firmware Downloads - Teltonika Networks Wiki
When I first loged, I change pass, change basic option to adwance and I go to section STATUS > REAL TIME DATA> CONNECTIONS and… I see a lot of UDPs connections do my PC (peak is arround 150-300)
Exaples down, It’s normal???
My router (RUTX12) asked any connected devices about DNS. Device (example my PC on port 192.168.0.182 answered on diffrents ports back. It gernerated inwanted traffic.
When I change rules inside router in firewall WAN ‘reject’ to ‘drop’ then traffic is little bit of lower but it does’t eliminate problem. Limit of my simcard is 10Gb. The cart is empty after 7days. I think it’s unnormal. Few monts ago is’n any problem. Limit works between months.
I have this router on my home and if is this possible I can give any access to him or send to diagnostic.
BTW: This traffic outside the network is detected as a threat.
Based on the images, it appears that your PC is responsible for sending DNS queries to the RUTX12, which is a standard behavior. However, the frequency of these requests is determined by the number and types of applications you have running on your PC. When your PC needs to establish communication with a specific device on the internet using a hostname, it sends a DNS request to the router to translate the hostname into an IP address. Your PC employs a random ephemeral port number (ranging from 49152 to 65535) to send this DNS query to the DNS service (on port 53) hosted on your router. In summary, your PC is the source of this network activity, and its intensity depends on the applications in use. It’s worth noting that some legitimate applications may initiate this traffic, but it could also indicate the presence of malware. It is hard to say without inspecting the traffic whether these are legitimate requests or not.
The problem has been solved. Internet provider bloked all strange traffic outside on the network.
Firmware version RUTX_R00.07.05.4 have a bug. When I loging from outside then router freezes few second and leds from 3G/4G and signals blinking. Contact is possible but router works slowly.
Don’t work SMS from simcard. When I goes to services > Mobile Utilites > SMS Utilites then I see info: “falied to load sms action”. SMS messages are empty.
This topic was automatically closed after 15 days. New replies are no longer allowed.