Domnev1: Difference between revisions

From Teltonika Networks Wiki
No edit summary
No edit summary
 
Line 1: Line 1:
<p style="color:red">The information on this page is updated in accordance with the [https://wiki.teltonika-networks.com/view/FW_%26_SDK_Downloads'''00.07.09'''] firmware version .</p>
<p style="color:red">The information on this page is updated in accordance with the [https://wiki.teltonika-networks.com/view/FW_%26_SDK_Downloads'''00.07.09'''] firmware version .</p>
__TOC__
==Summary==


This article contains instructions on how to configure Port Foward functionality on most of the Teltonika Networks devices (with the exception of TAP and TSW series)
==Introduction==


<b>Port Forwarding</b> is the process of redirecting data packets to another destination. In Teltonika-Networks devices this is a feature of the iptables firewall, NAT table, PREROUTING chain. When a packet matches a port forwarding rule, the destination and/or port values are changed in the packet header.
This article contains step-by-step instructions on how to set up bidirectional communication between two serial RS232 devices over TCP/IP.


==Configuration overview & prerequisites==
==Configuration overview & prerequisites==
Before we begin, let's take a look at the configuration that we are attempting to achieve and the prerequisites that make it possible.


Configuring port forwarding on Teltonika devices is a simple process that involves just a few steps and can easily be replicated across various devices. The number of devices involved will depend on the specific use case, but the setup can be scaled seamlessly. In the example below, we will use the RUTX50 as the primary device with mobile internet connectivity, acting as the gateway and DHCP server. This setup allows us to remotely access third-party devices connected to RUTX50 over the internet.
End devices are connected to separate RUT956 routers through RS232 connection, and client connects to the server through its Public IP address.


[[File:Networking_rutos_faq_port_forwarding_example_1_v1.png|900px]]
[[File:OverIP Client Server network topology.png|border|class=tlt-border|1005px]]


'''Prerequisites''':
'''Prerequisites''':
* A device from the RUT, RUTX, RUTM, RUTC or TRB series gateway;
* A device which we will be reaching through port forward
* A PC, Laptop, tablet or a smartphone
* The Teltonika Networks device must have a SIM card with a Public Static or Public Dynamic IP address (more on IP address types '''[[Private and Public IP Addresses|here]]''') to make remote access possible
* (Optional) If the router's SIM card has a Public Dynamic IP address, you may want to additionally configure a '''[[Dynamic DNS]]''' hostname


*Two devices with RS232 support
*Two end devices (PCs or RS232 devices able to send and receive data, here we will be using PCs with serial simulators)
*Over IP Server must have a SIM card with a Public Static or Public Dynamic IP address (more on IP address types here) to make remote access possible
{{Template:Networking_rutos_manual_basic_advanced_webui_disclaimer
{{Template:Networking_rutos_manual_basic_advanced_webui_disclaimer
| series = RUTX
| series = RUTX
}}
}}


==Router configuration==
==Over IP Server==


First, let's overview what configurations we'll be needing to set up:
====Obtaining Public IP: Set an APN====
 
* Enable '''remote HTTP access''', so that the router can be reached from a remote location
* Specify an '''Access Point Name''' ('''APN''') for the SIM card in use, so that the router will obtain a Public IP address
* Configure a '''Port Forwarding''' rule that redirects all connections from one Port to the camera's IP address:Port
* (Optional) Configure '''[[Dynamic DNS]]''' hostname
 
===Enabling remote HTTP(S) access===
----
----
To enable remote HTTP access, log in to the router's WebUI and navigate to the  '''System → Administration → Access Control''' tab. Once in the '''Administration-Access Control''', find the '''Enable remote HTTP access''' field and put a check mark next to it:
In this example we are using Public IPs, it also works with Private IPs if routers are in same LAN
 
[[File:enable remote access HTTP.png|border|class=tlt-border|]]
 


'''WARNING''': once you set up any type of remote access, your router becomes vulnerable to malicious attacks from unknown hosts throughout the Internet. It is highly recommended that once you enable remote access, you also change the router's default password to a string, custom password. You can change the router's password in '''[[RUT950_Administration#General|System → Administration → General → Administrator Password]]'''
====Step 2: Set an APN====
----
'''Note:''' If you have a Public IP address already, you can skip this step.
'''Note:''' If you have a Public IP address already, you can skip this step.


Line 64: Line 45:
[[File:Where public IP.png|border|class=tlt-border]]
[[File:Where public IP.png|border|class=tlt-border]]


===Step 3: Configure Port Forwarding===
 
===Over IP Server RS232 configuration===
----
----
Navigate to the '''Port Forwards''' tab by going to '''Network Firewall Port Forwards'''. Scroll down to the bottom of the page and locate the '''New Port Forward Rule''' section. Set the following parameters:
Navigate to the Over IP tab by going to '''Services Serial Utilities Over IP''' . Insert desired name and select RS232. Make sure to '''enable the instance''' '''(1)''' and '''configure Serial port in accordance''' '''(2)''' to connected device, these should match on both routers to avoid miscommunication.
# Custom name for the port forward.
# External port(s): '''8888''' (LAN device HTTP port)
# Internal IP: '''192.168.1.100''' (LAN device IP address)
# Internal port(s): '''80'''
# Click on '''Add''' button.


[[File:Create PF rule new.png|border|class=tlt-border]]
[[File:OverIP Sever serial config.png|border|class=tlt-border]]


After you have added the new rule, you will redirected to that rule's configuration window. Make sure to '''enable''' a rule. Everything else should already be in order so just click '''Save & Apply''' and your rule will be created.


===(Optional) Step 4: Configure Dynamic DNS===
===Over IP Server configuration===
----
----
'''[[Dynamic DNS]]''' ('''DDNS''' or '''DynDNS''') is a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DDNS configuration of its configured hostnames, addresses or other information.
After applying RS232 configuration scroll down and configure Over IP Server:


Dynamic DNS configuration is optional here, but it is recommended if your SIM card has a Dynamic Public IP address. You can find more information on what a Dynamic Public IP address is '''[[Private_and_Public_IP_Addresses#Dynamic_IP_address|here]]''', but in short it means that your WAN IP address is Dynamic and, therefore, it may change over time (usually when disconnecting/reconnecting or re-registering to a network). Dynamic DNS assigns a hostname to your IP address and constantly updates that hostname, which means that even if your IP address changes, DDNS will assign the same hostname to your new IP, making your router reachable via the same hostname at any time.  
# Mode '''Server'''- the device waits for incoming connections.
# Select a desired protocol, '''TCP or UDP'''.
# '''TCP/UDP port''' - specify desired port.


You must use an external DDNS service to create a hostname and assign it to your IP. RUT routers support many such services. You can find a complete list of supported DDNS services in the '''Services → Dynamic DNS''' section of the router's WebUI. You can also find guides on how to configure some of these services in our wiki:
[[File:OverIP TCP server configuration port.png|border|class=tlt-border]]


* '''[[Dynu.com DDNS configuration]]'''
* '''[[Dnsdynamic.org DDNS configuration]]'''
* '''[[Noip.com DDNS configuration]]'''


The guides contain information on how to configure both the router and the third party service. Choose one according to your liking.
===IP Filter===
----
 
Once finished the above configuration, add interfaces through which routers will be communicating, You can add IP address that will be allowed to connect or enter 0.0.0.0 to allow all connections coming through correct port.
 
[[File:OverIP TPC Server IP filter.png|border|class=tlt-border]]
 
 
==OverIP Client==
 
===OverIP Server RS232 configuration===
----
Navigate to the OverIP tab by going to '''Services → Serial Utilities → OverIP''' . Insert desired name and select RS232. Make sure to '''enable the instance''' '''(1)''' and '''configure Serial port in accordance''' '''(2)''' to connected device, these should match on both routers to avoid miscommunication.
 
[[File:OverIP Client serial config.png|border|class=tlt-border]]
 
 
===OverIP Client configuration===
----
After applying RS232 configuration scroll down and configure Over IP Server:
 
# Mode '''Client''' – the device initiates the connection.
# Select a desired protocol, '''TCP or UDP'''.
# '''Address''' is the Over IP Sever Public IP address. '''Port''' is the port we have configured on the Over IP Server device.  


==Testing the set up==
[[File:OverIP TCP Client configuration IP port.png|border|class=tlt-border]]


==Testing configuration==


If you followed configuration steps both end devices should be able to send and receive data. In this example we use Hercules program on both computers and open serial communication with routers. We are able to send and receive data through RS232.


==See Also==
[[File:Over IP Client Server hercules test.png|border|class=tlt-border|1004px]]
Most Teltonika-Networks devices have the port forwarding feature. Configuration is described in the user manual Firewall page for each device.

Latest revision as of 20:49, 13 October 2024

The information on this page is updated in accordance with the 00.07.09 firmware version .

Introduction

This article contains step-by-step instructions on how to set up bidirectional communication between two serial RS232 devices over TCP/IP.

Configuration overview & prerequisites

End devices are connected to separate RUT956 routers through RS232 connection, and client connects to the server through its Public IP address.

Prerequisites:

  • Two devices with RS232 support
  • Two end devices (PCs or RS232 devices able to send and receive data, here we will be using PCs with serial simulators)
  • Over IP Server must have a SIM card with a Public Static or Public Dynamic IP address (more on IP address types here) to make remote access possible

If you're having trouble finding this page or some of the parameters described here on your device's WebUI, you should turn on "Advanced WebUI" mode. You can do that by clicking the "Advanced" button, located at the top of the WebUI.

Over IP Server

Obtaining Public IP: Set an APN


In this example we are using Public IPs, it also works with Private IPs if routers are in same LAN

Note: If you have a Public IP address already, you can skip this step.

To set the APN, while in the router's WebUI, navigate to the Network → Mobile → General → Interface mob1s1a1 APN configuration:

Once in the Interface mob1s1a1 APN configuration window, edit your mobile interface, find the APN field and enter you Internet Service Provider's APN:

  1. Disable the Auto APN option
  2. Choose the correct APN, which gives out a public IP address (for more information about that contact your Internet Service Provider)

Additional notes on APN:

  • NOTE 1: don't use the exact APN value as seen in the example above as it will not work with your SIM card. APN depends on your Internet Service Provider (ISP), therefore, your ISP should provide you with their APN or, in many case, you can find your ISP's APN with an online search.
  • NOTE 2: furthermore, it should be noted that not all SIM cards support this functionality. Static or Dynamic Public IP addresses (obtained through APN) are a paid service and setting any APN value for a SIM card that doesn't support this service will most likely result in losing your data connection. If this is the case, it can be fixed by simply deleting the APN, but it also means that remote access through mobile WAN IP will most likely not work on your SIM card.
  • NOTE 3: in some cases the SIM card doesn't require an APN in order to obtain a Public IP address. If that is the case for you, simply check what your router's mobile WAN IP address is - if it's already a Public IP address, then you don't need to set an APN. The easiest way to find what your mobile WAN IP address is to log in to the router's WebUI and check the MOB1S1A1 widget in the Overview page:


Over IP Server RS232 configuration


Navigate to the Over IP tab by going to Services → Serial Utilities → Over IP . Insert desired name and select RS232. Make sure to enable the instance (1) and configure Serial port in accordance (2) to connected device, these should match on both routers to avoid miscommunication.


Over IP Server configuration


After applying RS232 configuration scroll down and configure Over IP Server:

  1. Mode Server- the device waits for incoming connections.
  2. Select a desired protocol, TCP or UDP.
  3. TCP/UDP port - specify desired port.


IP Filter


Once finished the above configuration, add interfaces through which routers will be communicating, You can add IP address that will be allowed to connect or enter 0.0.0.0 to allow all connections coming through correct port.


OverIP Client

OverIP Server RS232 configuration


Navigate to the OverIP tab by going to Services → Serial Utilities → OverIP . Insert desired name and select RS232. Make sure to enable the instance (1) and configure Serial port in accordance (2) to connected device, these should match on both routers to avoid miscommunication.


OverIP Client configuration


After applying RS232 configuration scroll down and configure Over IP Server:

  1. Mode Client – the device initiates the connection.
  2. Select a desired protocol, TCP or UDP.
  3. Address is the Over IP Sever Public IP address. Port is the port we have configured on the Over IP Server device.

Testing configuration

If you followed configuration steps both end devices should be able to send and receive data. In this example we use Hercules program on both computers and open serial communication with routers. We are able to send and receive data through RS232.