Business Community > Routers > ER605 working on Network Bridge, but only ICMP works
< Routers

ER605 working on Network Bridge, but only ICMP works

ER605 working on Network Bridge, but only ICMP works

ER605 working on Network Bridge, but only ICMP works
ER605 working on Network Bridge, but only ICMP works
2024-07-31 19:39:09 - last edited 2024-08-01 01:22:25
Tags: #VLAN & Multi-Networks #NAT
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.2.3 Build 20231201 Rel.32918

Hello Everyone,

 

i´m a bit confused and would very much appreciate if anybody could help me.

 

I used a ER605 to connect to different IP-Networks on a client's office. Network "Alpha" works with IP 217.x.x.x and Network "Beta" operates with 192.x.x.x IPv4 addresses.

 

I assigned WAN on ER605 to Network BETA and activate WAN1/LAN and assigned it to Network Alpha. Then it did the static IP routing by Tansmission->Routing, and I could ping every client on Alpha and Beta as well.

 

IP_config

 

But none of the other protocols would work. No HTTP´s requests, no SMB or Prnting Services could connect to each other.
My prime suspect were the firewall settings on the ER605 and I set up some ALLOW rules, but nothing would work.

 

Firewall

 

Thank you for your help; I appreciate every clue!

 

best regards

Daniel

 

  0      
 
  0      
 
#1
Options
2 Accepted Solutions
Re:ER605 working on Network Bridge, but only ICMP works-Solution
2024-08-01 01:22:16 - last edited 2024-08-01 01:22:25

Hi @Daniel_5469 

Thanks for posting in our business forum.

This should be either port forwarding or DMZ if you need everything to be forwarded.

It has nothing to do with the ACL or routing.

Virtual Services(Port Forwarding) on the Router Doesn't Take Effect

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#2
Options
Re:ER605 working on Network Bridge, but only ICMP works-Solution
2024-08-02 15:48:21 - last edited 2024-08-02 15:49:38

  @Clive_A 

 

Dear Clive_A,
 

thank you for answering again. I regret that you couldn't give some Example for WAN-to-WAN configuration without Firewall or Filtering, Meanwhile, I think it is not possible within the ER605 Firmware.

 

Because of these circumstances, I set up an alternative Solution that I want to share to anybody else looking for this Network Structure in the future:

I used a simple, less elegant, method with VLAN Routing.

 

First, I added two additional Networks to the ER605 based on the IP Networks that where preexisted in the Client's Office. (Network->LAN in the Menu)


LANs

 

 

 

After that, I set the VLAN ID to 20 for Network Alpha and 30 for Network Beta. (Network-VLAN)

 

 

 

 

Afterward, I set for Alpha and Beta a different Ethernet Port with "UNTAG" and finally, I set up PVID´s like this for the ports.
 

 

 

In my case, it was necessary to configure the gateway IPs on some of the Network Clients to the ER605 IP’s I defined in step one.
This and some other lower-level "Network Magic" finally works after a Reboot.

 

I hope I can spare another IT-Guy in the future some time with this solution.

 

  @Clive_A would you please move the "Solution" Tag from Reply two to this Repy?

 

Best Regards
Daniel

Recommended Solution
  2  
  2  
#5
Options
4 Reply
Re:ER605 working on Network Bridge, but only ICMP works-Solution
2024-08-01 01:22:16 - last edited 2024-08-01 01:22:25

Hi @Daniel_5469 

Thanks for posting in our business forum.

This should be either port forwarding or DMZ if you need everything to be forwarded.

It has nothing to do with the ACL or routing.

Virtual Services(Port Forwarding) on the Router Doesn't Take Effect

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#2
Options
Re:ER605 working on Network Bridge, but only ICMP works
2024-08-01 15:51:28

  @Clive_A

 

Dear Clive,

 

Thank you for your Quick and competently reply. I never thought that Port Forwarding was located on a Menu Item called "Virtuel Server".
However, I think you’re Right, but even with the Guides you linked to me and some others from a quick Google search, I couldn't configure a proper Connection.

 

For a complete open, Exposed, Host, I tried a DMZ configuration like this by "NAT-DMZ":

DMZ

But it didn't work.
After that, I set a wide Port Range under Virtual Server for the same Host like this:


Virtuel_Server

Even this wouldn't work, and the Web interface on the ER 605 crashed. According to a another post on this forum, maybe the Port Range is too big to Operate for the Firmware.

 

I would really Appreciate if you can show me an Example to set all Ports Free between the Hosts on the Alpha and Beta Networks (WAN to WAN1/LAN and back).
I would apply them if i reseted the ER605 to regain access to the Web interface, tomorrow.

 

Thank you for your patience.

Daniel
 

  0  
  0  
#3
Options
Re:ER605 working on Network Bridge, but only ICMP works
2024-08-02 00:49:40 - last edited 2024-08-02 00:49:55

Hi @Daniel_5469 

Thanks for posting in our business forum.

Daniel_5469 wrote

  @Clive_A

 

Dear Clive,

 

Thank you for your Quick and competently reply. I never thought that Port Forwarding was located on a Menu Item called "Virtuel Server".
However, I think you’re Right, but even with the Guides you linked to me and some others from a quick Google search, I couldn't configure a proper Connection.

 

For a complete open, Exposed, Host, I tried a DMZ configuration like this by "NAT-DMZ":

 

But it didn't work.
After that, I set a wide Port Range under Virtual Server for the same Host like this:


 

Even this wouldn't work, and the Web interface on the ER 605 crashed. According to a another post on this forum, maybe the Port Range is too big to Operate for the Firmware.

 

I would really Appreciate if you can show me an Example to set all Ports Free between the Hosts on the Alpha and Beta Networks (WAN to WAN1/LAN and back).
I would apply them if i reseted the ER605 to regain access to the Web interface, tomorrow.

 

Thank you for your patience.

Daniel
 

Internal IP should be LAN IP address. Not a public IP. I suppose you might need some readings over the configuration.

You may search on the official website regarding of the DMZ and Virtual Server(port forwarding).

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#4
Options
Re:ER605 working on Network Bridge, but only ICMP works-Solution
2024-08-02 15:48:21 - last edited 2024-08-02 15:49:38

  @Clive_A 

 

Dear Clive_A,
 

thank you for answering again. I regret that you couldn't give some Example for WAN-to-WAN configuration without Firewall or Filtering, Meanwhile, I think it is not possible within the ER605 Firmware.

 

Because of these circumstances, I set up an alternative Solution that I want to share to anybody else looking for this Network Structure in the future:

I used a simple, less elegant, method with VLAN Routing.

 

First, I added two additional Networks to the ER605 based on the IP Networks that where preexisted in the Client's Office. (Network->LAN in the Menu)


LANs

 

 

 

After that, I set the VLAN ID to 20 for Network Alpha and 30 for Network Beta. (Network-VLAN)

 

 

 

 

Afterward, I set for Alpha and Beta a different Ethernet Port with "UNTAG" and finally, I set up PVID´s like this for the ports.
 

 

 

In my case, it was necessary to configure the gateway IPs on some of the Network Clients to the ER605 IP’s I defined in step one.
This and some other lower-level "Network Magic" finally works after a Reboot.

 

I hope I can spare another IT-Guy in the future some time with this solution.

 

  @Clive_A would you please move the "Solution" Tag from Reply two to this Repy?

 

Best Regards
Daniel

Recommended Solution
  2  
  2  
#5
Options

Information

Helpful: 0

Views: 330

Replies: 4

Tags

VLAN & Multi-Networks NAT
Related Articles
 ICMP forwarding
280 0
Wireguard Mesh / ICMP not working between LANs... unless TRACERT command
409 0
ER605 managed by OC200: port forwarding not working
733 1
How can I use a different IP network in the ER605 router?
786 0
ER605 Standalone network segregation
497 0
ER605 Port Forwarding to an ip on vlan
414 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.