Port forwarding not working correctly with new Archer GE800

Port forwarding not working correctly with new Archer GE800

Port forwarding not working correctly with new Archer GE800
Port forwarding not working correctly with new Archer GE800
2024-09-08 16:00:42 - last edited 2024-09-09 11:54:36
Model: Archer GE800  
Hardware Version: V1
Firmware Version: 1.1.3 Build 20240528 rel.85215(5553)

I run a reverse proxy on my network that points to home assistant.

 

I got a new Archer GE800 and installed/configured it but the port forwarding is not working.

 

I am forwarding port 80 and port 443 but I cannot connect to my site. If I add the server IP as the DMZ the connection works fine, so I know it isn't an issue with my reverse proxy or DNS. The services are accessible through their ip:port on my local network so I know theyre working as well.

 

I looked through all of the settings and I dont see anything obvious as to why this isnt working. This setup was working fine with my previous router.

 

Can anyone help? To me it seems like ports aren't forwarding.

 

canyouseeme.org reports that ports 80 and 443 are indeed open, but I still cant reach my services. What is going on here? This really doesn't make sense.

 

I would say this is a problem with my setup but since putting the server in the DMZ makes it all work it has to be an issue with the router.

  0      
  0      
#1
Options
1 Accepted Solution
Re:Port forwarding not working correctly with new Archer GE800-Solution
2024-09-21 20:41:26 - last edited 2024-09-21 20:41:30

  @Kevin_Z 

@Mrk1234 

 

The TPLink engineers told me this is expected behavior. They claim the DMZ takes priority over manually forwarded ports. I don't know if that's per IEEE spec or not but I'm just going to accept it. Either this router or my old Netgear cax80 had incorrect behavior.

 

They told me to leave my manual forwards and instead of using DMZ forward every other port to my Nintendo Switch. I tried that but my Nintendo Switch still reports Nat Type B instead of A.

 

All a bit frustrating but I use my Nintendo Switch infrequently so not a huge deal for me.

 

Recommended Solution
  0  
  0  
#10
Options
6 Reply
Re:Port forwarding not working correctly with new Archer GE800
2024-09-08 16:29:59

Well I fixed this but it doesnt make sense.

 

I had the DMZ server turned on and set to the IP of my Nintendo Switch so it doesn't get NAT restrictions.

 

For some reason turning off the DMZ server fixes my port forwarding issue.

 

Makes no sense maybe someone from TP Link could chime in?

  0  
  0  
#3
Options
Re:Port forwarding not working correctly with new Archer GE800
2024-09-09 10:55:06

@billg118 

 

Thank you for posting in the community.

 

Could you please confirm whether you're enabling the DMZ for the proxy server or the Nintendo Switch? After disabling the DMZ, is port forwarding now functioning properly?

 

I'm not sure why this issue occurred, but it seems there may have been a conflicting setting. If you're unsure which settings caused the conflict, I recommend resetting the GE800 to factory defaults. After that, set up port forwarding for the proxy server to see if you can access it externally.

 

If you can access it, that means port forwarding is working. You can then reintroduce other settings one by one to identify any that may cause issues.

Nice to Meet You in Our TP-Link Community. Check Out the Latest Posts: Connect TP-Link Archer BE550 to Germany's DS-Lite (Dual Stack Lite) Internet via WAN Archer GE550 - BE9300 Tri-Band Wi-Fi 7 Gaming Router Archer BE800 New Firmware Added Support for EasyMesh in AP Mode, DoH&DoT, and 3-Band MLO Connection Archer AX90 New Firmware Added Support for EasyMesh and Ethernet Backhaul If you found a post or response helpful, please click Helpful (arrow pointing upward icon). If you are the author of a topic, remember to mark a helpful reply as the "Recommended Solution" (star icon) so that others can benefit from it.
  0  
  0  
#5
Options
Re:Port forwarding not working correctly with new Archer GE800
2024-09-09 11:16:25 - last edited 2024-09-09 11:25:40

  @Kevin_Z 

 

Thanks for the reply.

 

The port forwarding is for the proxy server. The DMZ is for the Nintendo Switch.

Here are my exact setup steps:

 

1. Configure and turn on port forwarding for three ports on my server at 192.168.0.28.

At this point port forwarding is working correctly

  • canyouseeme.org says the ports are open
  • The services using those three ports are accessible from inside and outside my network
  • Doing tracert shows that the domain is resolved in a single hop, which is expected and correct.

 

 

2. Turn on the DMZ and point it to my Nintendo Switch at 192.168.0.14

At this point port forwarding is not working correctly

  • canyouseeme.org says the ports are open
  • The services using those three ports are NOT accessible from inside or outside my network
  • Doing tracert shows that the domain is not resolved. The first hop is exactly the same and is correct, but then it attempts a second hop which times out.
  • This behavior happens with any DMZ Host IP.

 

 

 

I'd rather not reset the GE800 if I don't have to but if that's the only thing to try here I could give it a shot.

 

I'm almost totally sure this is a bug in the firmware. It seems pretty cut and dry here; when the DMZ is off port forwarding works. When DMZ is on port forwarding doesn't work.

 

 

  0  
  0  
#6
Options
Re:Port forwarding not working correctly with new Archer GE800
2024-09-09 11:43:10 - last edited 2024-09-21 20:41:35

@billg118 

 

Thank you very much for the detailed description. It is very clear now.

 

I agree that there’s no need to reset the GE800 at this moment until we confirm whether there’s an issue with the port forwarding and DMZ settings. I will ask our support engineers to investigate further and will have them contact you once this is confirmed.

 

They will reach out to you at your registered email address, so please keep an eye on your inbox for their follow-up. Thank you!

Nice to Meet You in Our TP-Link Community. Check Out the Latest Posts: Connect TP-Link Archer BE550 to Germany's DS-Lite (Dual Stack Lite) Internet via WAN Archer GE550 - BE9300 Tri-Band Wi-Fi 7 Gaming Router Archer BE800 New Firmware Added Support for EasyMesh in AP Mode, DoH&DoT, and 3-Band MLO Connection Archer AX90 New Firmware Added Support for EasyMesh and Ethernet Backhaul If you found a post or response helpful, please click Helpful (arrow pointing upward icon). If you are the author of a topic, remember to mark a helpful reply as the "Recommended Solution" (star icon) so that others can benefit from it.
  0  
  0  
#7
Options
Re:Port forwarding not working correctly with new Archer GE800
2024-09-09 11:54:52

  @Kevin_Z 

 

Thanks very much. Appreciate it.

  1  
  1  
#8
Options
Re:Port forwarding not working correctly with new Archer GE800-Solution
2024-09-21 20:41:26 - last edited 2024-09-21 20:41:30

  @Kevin_Z 

@Mrk1234 

 

The TPLink engineers told me this is expected behavior. They claim the DMZ takes priority over manually forwarded ports. I don't know if that's per IEEE spec or not but I'm just going to accept it. Either this router or my old Netgear cax80 had incorrect behavior.

 

They told me to leave my manual forwards and instead of using DMZ forward every other port to my Nintendo Switch. I tried that but my Nintendo Switch still reports Nat Type B instead of A.

 

All a bit frustrating but I use my Nintendo Switch infrequently so not a huge deal for me.

 

Recommended Solution
  0  
  0  
#10
Options

Information

Helpful: 0

Views: 482

Replies: 6

Related Articles