Port forwarding issues with Archer C7 behind ISP's router
Hi,
I am having an unusual issue with Archer C7 that is behind an ISP's router when trying to set up the port forwarding.
The ISP's router is in 192.168.0.0/24 network and has DMZ set to 192.168.0.2
Archer C7 is set to have 10.0.0.0/8 network and has static WAN IP set up as 192.168.0.2
On Archer, I set up the Virtual server to forward, for example, port 80 to 10.0.1.5 (note that the server is working as expected when accessing locally). Unfortunately it seems that this is not working as the traffic is not being forwarded. In addition, when I add a new Virtual server I see the following message in log: "WARNING [24012] The host ip address is not in the lan subnet[10.0.1.5]".
I previously had a TP-Link WR-1043ND with DD-WRT firmware with the exact same setup as the new Archer C7 and this was working without a hitch.
Thanks for any help or possible more troubleshooting tips
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
What is the current network diagram? How do you connect these devices together?
What is the internet IP address of the ISP router?
Try to access the server remotely with the WAN IP of ISP router and port number. Please show us a screenshot of the result page.
Besides, for the error message you mentioned, the IP address is 10.0.1.5, while the LAN IP of Archer C7 is 10.0.0.x, the IP address of the connected device should be 10.0.0.x.
Good day.
- Copy Link
- Report Inappropriate Content
Hi @Kevin_Z
The network diagram is as follows:
Internet -> ISP Router (192.168.0.1/24, external IP acquired from ISP, 192.168.0.2 set as DMZ) -> Archer C9 (10.0.0.1/8, 192.168.0.2 WAN IP) -> Server (10.0.1.5/8).
Everything is connected via ethernet cables.
If I try to access port 80 via external IP that should be forwarded to server, I get a timeout:
$ curl external-ip:80 curl: (7) Failed to connect to external-ip port 80: Operation timed out
Regarding the error/warning, the IP address of the server I am trying to add the forwarding to is in the same network (note the /8 subnet mask). I will try and assign it a 10.0.0.x IP and see if this will solve this issue, but it seems to me that this is a bug in the router firmware if that is the case..
- Copy Link
- Report Inappropriate Content
Thanks for your explanation, you can assign a 10.0.0.X IP to the server to give it a go.
Meanwhile, you can use the computer in the same network to do the tests below and tell us the results.
A. Use LAN IP+port to test if the service can be accessed from LAN;
B. Use WAN IP+port on LAN PC to test if the port is opened.
Please disable the firewall and anti-virus software on the server.
Good day.
- Copy Link
- Report Inappropriate Content
I tried setting the server IP address to 10.0.0.x but the same error persists (nothing gets forwarded and the log message about the IP not being in the same lan subnet appears).
A. Access works normally using LAN IP and port (assuming you meant LAN IP of the server)
B. I will test this case later today (from ISP router's network towards Archer)
- Copy Link
- Report Inappropriate Content
Confirmed that when accessing the server via ISP router's network that I cannot access the server (getting timeouts) in the Archer's network using the Archer's WAN IP.
- Copy Link
- Report Inappropriate Content
This is definitely a bug in the router firmware. I recreated the exact same setup using Ubiquiti EdgeRouter X and it works without a hitch. Will be returning the Archer and ask for a refund.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 2121
Replies: 6
Voters 0
No one has voted for it yet.