IP Pass-through allows a WTI unit with a cellular modem to share its cellular internet connection and public IP to a downstream device (i.e. a router), making the modem connection appear as a regular Ethernet connection to the downstream device. In this way, the WTI's cellular internet connection can serve as a primary or backup WAN interface for your device or LAN.
While IP passthrough mode passes any connections to the cellular modem's public IP through to the downstream device, connections can still be terminated on the WTI interface via Locally Terminated Ports (LTP). This makes the WTI unit accessible for normal out of band management.
Complete the following steps to setup IP passthrough. The following steps will pass the WTI unit's public IP through to a device connected to eth1. Similarly eth0 can be used.
CONFIGURE WTI ETH1
- At the WTI CLI, enter /N1, configure the IP. Any dedicated private IP will work (i.e. 192.168.1.1), as it will normally not be accessible and only exists between the WTI unit and the downstream device.
CONFIGURE THE WTI DHCP SERVER
- At the WTI CLI, enter /N1.
- Select 4 for DHCP
- Select 2 for DHCP Server
- Enable DHCP Server
- Set the Gateway as the IP of eth1 (i.e. 192.168.1.1).
- Enter a Primary/Secondary DNS server (i.e. 8.8.8.8/8.8.4.4 for Google DNS)
- Modify Domain Name, Default Lease, and Maximum Lease if desired.
- Modify Pool Start/End to define the IP range that will be served to LAN clients. Ensure that the pool range does not contain the IP of eth1 (i.e. Start = 20, End = 30.)
ENABLE WTI IP PASS-THROUGH
- At the WTI CLI, enter /CELL
- Select 5 to for IP passthrough
- Select 1 to enable IP passthrough (LTPs will automatically be configured when feature is enabled)
- Select 2 to set the interface to eth1
- Select 3 to select the MAC address for the downstream device which you would like to pass the public IP to. If no MAC is selected, the last device to request a DHCP lease will be used.
- Note that when IP passthrough is enabled, Locally Terminated Ports are automatically configured to the original port number plus 5000 for HTTP, HTTP, and SSH. This is to prevent the unit from being put into an inaccessible state, and guarantees users have a way to access the unit for out of band management. Use options 4/5/6 to enable/disable the services, or change the locally terminated port numbers. When the feature is turned off, the ports are automatically returned to their original states.
CONNECT DOWNSTREAM DEVICE
Connect downstream device to the WTI units eth1. Make sure the device is
configured to acquire an IP address via DHCP. If downstream device is another WTI device, set options 4, 5, and 6 to ON. Your downstream device should acquire an IP address in the range set in step 9 above. The downstream device should now behave as if directly connected to the internet at the WTI unit's modem public IP.
TEST INTERNET CONNECTIVITY
Ping www.google.com from downstream device
TEST CONNECTING TO DOWNSTREAM DEVICE VIA MODEM PUBLIC IP
http://x.x.x.x should connect to downstream interface's web interface (where x.x.x.x is the modems public ip)
https://x.x.x.x should securely connect to downstream interface's web interface (where x.x.x.x is the modems public ip)
ssh super@x.x.x.x should securely connect to downstream interface's command line interface (where x.x.x.x is the modems public ip)
TESTING LOCALLY TERMINATED PORTS
http://x.x.x.x:5080 should connect to the web interface of the WTI unit (connection not passed to downstream router)
http://x.x.x.x:5443 should securely connect to the web interface of the WTI unit (connection not passed to downstream router)
ssh super@x.x.x.x -p 5022 should securely connect to the command line interface of the WTI unit (connection not passed to downstream router)