@MikeW1 

What is that "bridges"? Is that a web server in your local network?

DId you open port for the server IP?

  @Somnus it is a pair of Ubiquiti Powerbeams.   If I am on their network it can be walked.  they can be pinged, http/https allows access to all information.  There are no restrictions on the bridge restricting the walk and I have used snmpwalk when I had another router in place.  Because this is production I do not want to disrupt too much, but may have to place a switch outside to be able to get a wireshark trace of the traffic.  since it is UDP traffic, I was wondering if I needed something to allow the inbound response but do not find any information as to how that might be checked.

  @MikeW1 

You may check the WAN IP address of the ER7206, is that on the same subnet as your Ubiquiti Powerbeams?

The "bridge" is on the WAN side of the ER7206, so the router can only communicate with it via the WAN IP.

  @Somnus to get specific:

my ER7206 LAN 172.27.0.1     WAN 192.168.5.54

Bridges are 192.168.5.51 and 192.168.5.50

Router before At&T  192.168.5.1 (and I do not have access to this router)

from 172.27.0.245 I can ping 192.168.5.1, .50, .51 and can https to .50, . 51

from 192.168.5.53 I can snmpwalk for .50 and .51

from 172.27.0.245 snmpwalk times out.  the Ubiquiti bridges will accept snmp from any source.

to put a switch in the link so I can get a wireshark capture to see if packets are getting out will be disruptive and 

right now even a 20 minute down  time would be hard to get.

  @MikeW1 

If your ER7206 is running on Standalone mode, then you can use one LAN port as mirror port, and capture the packets from router WAN port. Guide

I suspect SNMP packets cannot go through ER7206 NAT.