I have recently replaced the routing function in my RUTXR1 with a more capable mikrotik - with starlink as the main WAN.
The RUTXR1 mobile data connection is now available to provide a second WAN (ie backup) for the mikrotik and a Wifi access point - with the routing being done by the mikrotik.
Is this possible with the RUTXR1 and what are the requirements (one physical ethernet link, or two?).
My thoughts:
Mobile passthrough mode - allows RMS access.
The mikotik gets the mobile WAN IP passed through from the RUT - advice on configuring RUT? LAN1 of RUT is connected to WAN2 on mikrotik.
The access point is somehow bridged to the mikrotik - this is the main part I’m unsure about is if this requires yet another physical ethernet cable or not.
Also, I operate ZeroTier on both devices. As soon as I set mobile passthrough on RUT, Zerotier_RUT goes offline. Can anyone advise this also?
In the Mobile passthrough mode, RUTXR1 assigns the mobile WAN IP directly to the MikroTik’s WAN2 interface.
You’ll need to ensure the RUTXR1 is set to Mobile Passthrough Mode under Network → WAN → Edit the interface → Mode → Passthrough.
Since this mode disables NAT and routing on the RUTXR1, ZeroTier on the RUTXR1 will go offline because it no longer has a routable IP (only the MikroTik gets an IP).
If you need the RUTXR1 to provide Wi-Fi as part of the MikroTik’s network, you’ll likely need a second cable:
Cable 1: RUTXR1 LAN1 → MikroTik WAN2 (for mobile passthrough).
Cable 2: RUTXR1 LAN2 → MikroTik LAN (to bridge Wi-Fi).
If you want devices on the RUTXR1 Wi-Fi to be part of the MikroTik network:
Configure the LAN port (LAN2) on the RUTXR1 as a bridge.
Connect LAN2 to a MikroTik LAN port.
Set up the Wi-Fi on the RUTXR1 as a bridged AP, forwarding traffic to the MikroTik LAN.
Ensure DHCP is disabled on the RUTXR1 so the MikroTik handles all IP assignments.
The above can be achieved by creating a new interface, configuring it by disabling DHCP and enabling Bridged interfaces, you’ll also have to select the networks to bridge between in the settings seen below:
RMS remote access should still function in passthrough mode? I’d really like to still be able to access webUI of teltonika.
eth0 and eth1
So that I make sure I understand the logic, when you say
The above can be achieved by creating a new interface, configuring it by disabling DHCP and enabling Bridged interfaces , you’ll also have to select the networks to bridge between in the settings seen below:
and your screenshot shows eth0 & eth1 selected, does this mean that on the RUT, we are bridging the mobile port (eth0) and the wifi AP port (eth1), or bridging the lan to those ports? This seems like strange logic to me, since the eth0 carries the singular passthrough IP, while the eth1 port carries the AP clients to the mikrotik LAN, with very different subnets. I would have thought that eth0 would be excluded here.
I’m also wondering, with that interface created (under LAN?) does any Wireless SSIDs configured just automatically associate to any LAN interface, unless bridged - as you have specified?
Hello there, glad I was able to answer some of your questions, here are a few clarifications:
I retract what I’ve stated regarding passthrough + ZeroTier, as it seems like it works, but there are a couple of niche things that could cause it not to work, which happened in my case. Kindly refer to this thread for an answer, more specifically, to Janmiguel’s answer where he showed the entire configuration. He mentions changing subnets for the VPN to start functioning again, try that, personally, it helped me.
Regarding the bridging, I might’ve misunderstood what you’ve initially requested, could you elaborate a little more on what you’re trying to configure/bridge between?
RMS does work in Passthrough mode. After enabling it, it might take a few minutes for the device to regain connectivity to the service, but it works.
ok thanks again.
I won’t use the bridging term, as I’m not totally sure I’m using this word in the right way, so please point out where I might be misunderstanding.
I have this setup:
Starlink-> WAN1 Mikrotik → LAN1,LAN2,LAN3,LAN4 (each different rooms with switches and multiple clients, 10.0.1.0/24, 10.0.2.0/24 etc)
I want to use my RUTXR1 for two tasks:
Mobile backup for the Mikrotik - incase the starlink fails. I agree Passthough is the best config.
Access Point for the Mikrotik LAN, so that wifi devices can access the internet and the other LANs.
Your instructions were to use separate cables for 1 & 2.
the cable is going to be passthrough eth0 (or LAN1) RUT to WAN2 Mikrotik - so this will be the CGNAT IP passed through to the mikrotik (maybe wrong term, but you know what I mean). No
The second cable would be for the AP, passing from eth1 (or LAN2) RUT to `LAN5’ Mikrotik. Mikrotik has DHCP server, RUT has no DHCP on this interface.
However your screenshot showed the interface bridging with eth0 and eth1.
I think this is bridging the CGNAT and Mikrotik interfaces?
Maybe this is correct, but it seems incorrect to me as they will be different subnets.
I admit that I am not clear, when setting up the RUT, what to do with the default LAN interfaces already there.
Regarding the screenshot I’ve provided, I have no clue how the second interface got in there. I must’ve added it using my keyboard somehow, but generally, there should be only one interface in that specific selection menu. Apologies for that.
We don’t own any Mikrotik devices so I’m not able to test with your specific configuration. Your desired configuration, however, did remind me of a Wiki example that we have here the only problem is that the other end is Mikrotik which I’m personally not familiar with, you may try to find similar settings on the other end and see if you’re able to achieve what you’ve been trying to so far. This would be regarding the AP config you want.
Regarding the separate cables I’ve suggested, did you test it out and did it function, or were you still having trouble with setting it up? Kindly let me know of any details so I can try and assist you further with this.
Ok great - thanks for clarifying - that extra interface in the bridge selection was challenging what I thought I understood about bridging!
Understood about the Mikrotik - I just find the Teltonika configuration difficult to understand logically.
I think the Teltonika should be setup like this:
Mobile - Mode: Passthrough, no DHCP, bridged to eth0.
Lan interface: DHCP disabled, bridged to eth1 (LAN2).
Please could you detail this more - just so I am really clear the steps required:
Set up the Wi-Fi on the RUTXR1 as a bridged AP , forwarding traffic to the MikroTik LAN.
does this mean the interface we set up should have eth1 (the physical port) as well as some wifi interface selected in bridged interfaces? I’m not sure if the wifi just automatically is bridged or if I need to select it.
I haven’t yet tried all of this, as the system is remote, and I have lost connectivity before, which means a long drive to reset. I am trying to determine all the correct steps and understanding first
Mobile - Mode: Passthrough, no DHCP, bridged to eth0.
Lan interface: DHCP disabled, bridged to eth1 (LAN2).
Looks correct for the most part, I’m just wondering, why eth1 and eth0? One is for the WAN interface (eth1) and one is for the LAN interface (eth0). Or are these just examples for the answer?
Regarding the AP - could you clarify: Do you want it so that in the RUTXR1 LAN Wired / Wireless clients would be able to reach the Mikrotik LAN? In this case, static routes would be the better option here.
If it’s to bridge both LANs (Mikrotik & RUTXR1), then This Wiki example should be the way to go.
Looks correct for the most part, I’m just wondering, why eth1 and eth0? One is for the WAN interface (eth1) and one is for the LAN interface (eth0). Or are these just examples for the answer?
I am specifying eth0 as the port that passes the mobile connection through to the mikrotik. Is this correct?
Likewise, there is eth1, the port that the Wifi AP is passing through to the mikrotik ( mikrotik provides DHCP server to those AP clients).
So to clarify
Teltonika services
Mobile, passed through to Mikrotik.
Wifi AP, clients are routed by the Mikrotik DHCP.
Mikrotik
receives the Mobile WAN passed through to WAN2 ( WAN1 is starlink)
on another port, provides routing to the teltonika Wifi AP.
for the Wifi AP, does this mean bridging the teltonika LAN interface with the physical port (eth1) that goes to the LAN port on the Mikrotik?
Would it be possible for you to provide a topology (of course, blur out any Public IP addresses and such) of your desired network configuration?
Another question, do you want to connect the Mikrotik device to the XR1 as a Wi-Fi client, or the other way around, the Mikrotik to the XR1 as a Wi-Fi client?
Hi, see below - sorry it’s basic but I hope it shows what I have, but I know it’s possible some parts may be unnecessary.
For example:
The Teltonika is a wifi AP for the Mikrotik.
It is also a backup internet/WAN source for the Mikrotik.
I think this means I need a cable for both LANport1 as well as LANport2, to keep those separate functions physically separate, and for the Mikrotik to assign different rules for those ports. But this might be wrong.
All clients (including Wificlient) should reach the internet through Starlink via the Mikrotik, and failover to the WAN2-Mobile->Teltonika Mobile internet.( I can configure this failover feature ok).
The biggest confusion is how to treat the interfaces and LAN on Teltonika. It has a default LAN interface but it is confusing to me how this is treated/configured.
A clear explanation of how each interface should be configured in the teltonika would be much appreciated. I understand the mobile side ok - this will be a passthrough. I will do this last since I might lose remote UI access.
Hi Again,
I tried to configure the lan interface to bridge to eth1, but the UI doesn’t allow this - the “interface” selection goes colour red, and if I try to Save and Apply, I get an error “Some fields are invalid”.
There doesn’t seem to be any discussion in the Wiki of the “Port Priority” (SFP/Ethernet) option that appears when I select eth1. It seems as if this is a special status port?
Am I correct to choose eth1? This is the second lan port, correct?
eth0 is the first lan port, that we used for the mobile WAN to the mikrotik.
Hello,
I have done a lot of testing various scenarios. It seems that:
The passthrough mode selects eth0 and “lan” interface automatically “behind the scenes”, without a way to change which port or interface it bridges with. See TWO ip4 IPs in the br-lan interface - one is the ip from the mikrotik, the other is from the mobile interface.
13: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:1e:42:3e:f2:f4 brd ff:ff:ff:ff:ff:ff
inet 10.9.1.2/24 brd 10.9.1.255 scope global br-lan
valid_lft forever preferred_lft forever
inet 100.xxx.xxx.xxx/32 brd 255.255.255.255 scope global br-lan
valid_lft forever preferred_lft forever
inet6 XXX:XXX:XXXX::1/60 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 XXX::XXX:XXX:XXX:XXXX/64 scope link
valid_lft forever preferred_lft forever
Unless I can manually tell the passthrough to choose a different interface, I cannot seem to separate the passthrough and wifi functions into two separate physical interfaces/ports.
it seems that eth1 has some special status with sfp - unless this is a configuration I have applied?
if I wish to choose a new interface for the wifi to bridge with, it only gives me eth1 or eth0 - I can type in anything I want also, but should it not offer me any of the available ports - eth0-eth4?
After this, I’ve created a new LAN interface under Network > LAN and set the Protocol to “None”
I then also created a new WAN interface under Network > WAN. I set the Protocol to “DHCP” and then, under the Physical settings enabled Bridge interfaces and assigned the eth0.3 interface, which is our VLAN:
Finally, I headed back to Network > LAN went to edit the LAN1 interface and went to the Physical settings to assign the eth0.3 + wlan0-1 interfaces, however, I did not enable Bridge interfaces:
