Outdoor Router LAN to Firebox WAN - Not port forwarding

Hi, I have a WG T45. Have an O2 5G SIM card in an outdoor router cabled LAN to FB WAN. All working, internet access fine from inside the LAN. None of my port forward rules work on the WG including the 8080 WG UI one which I have temporarily added ANY to in the From field. So I type in my IP from outside the network say 88.555.777.333:8080 but no connection. The Outdoor router people showed me how to ACCEPT on the WAN forwarding and can't see anything wrong. I have another FB at another site but that uses a BT buiness router in passthrough mode. Any ideas? How can I check any traffic test or logs when I try my X:8080 from public side? I have used SNAT for CCTV port forwarding etc, not working.
Aside - I have CCTV within the LAN and Hikconnect works for it, but not when using IP and port forwarding as no port forwarding seems to work.
Thanks

Best Answers

  • Answer ✓

    I found the external IP from doing a WhatsMyIP and I have DynDNS NOIP account that confirms the IP from the WG that has the NOIP settings in. I cannot see this IP set anywhere else though. I've tried the IP showing on the router for the SIM card. I will look at bridge mode but the supplier says what I have in place should work and I am getting internet. I will look at Bridge mode for the router.

  • Answer ✓

    In the Web UI -> Dashboard -> Interfaces, it shows the IP addr associated for each interface

Answers

  • You can turn on Logging on these incoming policies to see packets allowed by them in Traffic Monitor.
    Then look at Traffic Monitor to see if you see any of the allows.
    If not, then it seems as if those incoming packets are not making it to the firewall.

  • Thanks. I turned on logging on the policy. I don't see anything when I do the test externally. When I type MyIP say 555.555.555.555:8080 from a pc within the network I see it in traffic monitor but the Web UI still doesn't come up. The packets say Allowed. Internally 10.0.1.1:8080 gets the UI but internally 555.555.555.555:8080 does not. Does that give a clue as to what's not working? How do I get the UI from external IP but from internally as a Step 1?
    My Policy is From Any to Firebox.
    Thanks for your help.

  • Hi, I should say that it says external allowed for the internal test using the external IP but there isn't anything incoming.

  • Also there is a CCTV system behind the Firewall and HikConnect can be seen contacting the NVR and cameras show on a mobile but not using my port forwarding policy.

  • The Web UI comes up for me when I access the public IP addr when behind the firewall.
    Is the public IP addr that you are using actually on your firewall external interface or is it on the router?

    If on the router, can you put the router in bridge mode so that your firewall gets the public IP addr assigned to it?

  • The IP on the WAN is showing as 192.168.30.2 which is what the router has assigned it. It looks like my problem is the SIM card only giving me a private IP address and not a public static IP address which would be needed to port forward over the internet. Thanks for your help.

  • Thus you need to port forward on the router to the firewall also if you can't get a public IP addr on your firewall.
    Check with the outdoor router people to see what your options are.

Sign In to comment.