Port forwarding issues with Archer C7 behind ISP's router

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Port forwarding issues with Archer C7 behind ISP's router

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Port forwarding issues with Archer C7 behind ISP's router
Port forwarding issues with Archer C7 behind ISP's router
2019-10-13 19:47:01
Model: Archer C7  
Hardware Version: V5
Firmware Version: 1.0.11 Build 20190726 rel.57101(4555)

Hi,

I am having an unusual issue with Archer C7 that is behind an ISP's router when trying to set up the port forwarding.

 

The ISP's router is in 192.168.0.0/24 network and has DMZ set to 192.168.0.2

Archer C7 is set to have 10.0.0.0/8 network and has static WAN IP set up as 192.168.0.2

 

On Archer, I set up the Virtual server to forward, for example, port 80 to 10.0.1.5 (note that the server is working as expected when accessing locally). Unfortunately it seems that this is not working as the traffic is not being forwarded. In addition, when I add a new Virtual server I see the following message in log: "WARNING [24012] The host ip address is not in the lan subnet[10.0.1.5]".

 

I previously had a TP-Link WR-1043ND with DD-WRT firmware with the exact same setup as the new Archer C7 and this was working without a hitch.

 

Thanks for any help or possible more troubleshooting tips

  0      
  0      
#1
Options
6 Reply
Re:Port forwarding issues with Archer C7 behind ISP's router
2019-10-14 03:36:23

@jernejovc 

 

What is the current network diagram? How do you connect these devices  together? 

 

What is the internet IP address of the ISP router? 

 

Try to access the server remotely with the WAN IP of ISP router and port number. Please show us a screenshot of the result page.

 

Besides, for the error message you mentioned, the IP address is 10.0.1.5, while the LAN IP of Archer C7 is 10.0.0.x, the IP address of the connected device should be 10.0.0.x. 

 

Good day. 

 

Nice to Meet You in Our TP-Link Community. Check Out the Latest Posts: Connect TP-Link Archer BE550 to Germany's DS-Lite (Dual Stack Lite) Internet via WAN Archer GE550 - BE9300 Tri-Band Wi-Fi 7 Gaming Router Archer BE800 New Firmware Added Support for EasyMesh in AP Mode, DoH&DoT, and 3-Band MLO Connection Archer AX90 New Firmware Added Support for EasyMesh and Ethernet Backhaul If you found a post or response helpful, please click Helpful (arrow pointing upward icon). If you are the author of a topic, remember to mark a helpful reply as the "Recommended Solution" (star icon) so that others can benefit from it.
  0  
  0  
#2
Options
Re:Port forwarding issues with Archer C7 behind ISP's router
2019-10-14 10:26:17 - last edited 2019-10-14 10:47:53

Hi @Kevin_Z 

 

The network diagram is as follows:

 

Internet -> ISP Router (192.168.0.1/24, external IP acquired from ISP, 192.168.0.2 set as DMZ) -> Archer C9 (10.0.0.1/8, 192.168.0.2 WAN IP) -> Server (10.0.1.5/8).

 

Everything is connected via ethernet cables.

 

If I try to access port 80 via external IP that should be forwarded to server, I get a timeout:

 

$ curl external-ip:80
curl: (7) Failed to connect to external-ip port 80: Operation timed out

 

Regarding the error/warning, the IP address of the server I am trying to add the forwarding to is in the same network (note the /8 subnet mask). I will try and assign it a 10.0.0.x IP and see if this will solve this issue, but it seems to me that this is a bug in the router firmware if that is the case..

  0  
  0  
#3
Options
Re:Port forwarding issues with Archer C7 behind ISP's router
2019-10-16 07:21:49

@jernejovc 

 

Thanks for your explanation, you can assign a 10.0.0.X IP to the server to give it a go.

 

Meanwhile, you can use the computer in the same network to do the tests below and tell us the results.

A. Use LAN IP+port to test if the service can be accessed from LAN;

B. Use WAN IP+port on LAN PC to test if the port is opened.

 

Please disable the firewall and anti-virus software on the server.
 

Good day. 

 

 

Nice to Meet You in Our TP-Link Community. Check Out the Latest Posts: Connect TP-Link Archer BE550 to Germany's DS-Lite (Dual Stack Lite) Internet via WAN Archer GE550 - BE9300 Tri-Band Wi-Fi 7 Gaming Router Archer BE800 New Firmware Added Support for EasyMesh in AP Mode, DoH&DoT, and 3-Band MLO Connection Archer AX90 New Firmware Added Support for EasyMesh and Ethernet Backhaul If you found a post or response helpful, please click Helpful (arrow pointing upward icon). If you are the author of a topic, remember to mark a helpful reply as the "Recommended Solution" (star icon) so that others can benefit from it.
  0  
  0  
#4
Options
Re:Port forwarding issues with Archer C7 behind ISP's router
2019-10-16 07:39:13

@Kevin_Z 

 

I tried setting the server IP address to 10.0.0.x but the same error persists (nothing gets forwarded and the log message about the IP not being in the same lan subnet appears).

 

A. Access works normally using LAN IP and port (assuming you meant LAN IP of the server)

B. I will test this case later today (from ISP router's network towards Archer)

  0  
  0  
#5
Options
Re:Port forwarding issues with Archer C7 behind ISP's router
2019-10-16 16:21:29

@Kevin_Z 

Confirmed that when accessing the server via ISP router's network that I cannot access the server (getting timeouts) in the Archer's network using the Archer's WAN IP.

  0  
  0  
#6
Options
Re:Port forwarding issues with Archer C7 behind ISP's router
2019-10-23 09:50:14

@Kevin_Z 

This is definitely a bug in the router firmware. I recreated the exact same setup using Ubiquiti EdgeRouter X and it works without a hitch. Will be returning the Archer and ask for a refund.

  0  
  0  
#8
Options