DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Incoming Port Forwarding 2862N
- smd
- Topic Author
- Offline
- New Member
Less
More
- Posts: 3
- Thank you received: 0
03 Dec 2020 13:00 #97889
by smd
Incoming Port Forwarding 2862N was created by smd
I'm trying to use the 2862N on my Plusnet connection. The outbound all works fine so it is connecting to Plusnet perfectly.
I have a web server on my Lan that is accessible from the Internet.
I have followed the guide to setup both HTTP and HTTPS (moving the VPN port) as shown in other posts.
My webserver is actually home to three domains and has been working on PlusNet for years. When I try to connect to the site when the 2862 is working, it just times out.
The HTTP server connection relies on the domain name to be forwarded. Could it be that it is not forwarded? The domain name is of the form ABCDEF.homelinux.org
This is the log of the connection attempt
2020-12-03 11:27:21 Virtual Server: 212.159.***.***:43050 -> 192.168.1.65:443 (TCP)
2020-12-03 11:27:21 Local User (MAC=00-A0-C9-00-00-00): 192.168.1.101:62890 -> 212.159.***.***:443 (TCP)
2020-12-03 11:27:20 Virtual Server: 212.159.***.***:43049 -> 192.168.1.65:443 (TCP)
2020-12-03 11:27:20 Local User (MAC=00-A0-C9-00-00-00): 192.168.1.101:62889 -> 212.159.***.***:443 (TCP)
2020-12-03 11:27:19 Local User (MAC=00-A0-C9-00-00-00): 192.168.1.101:62888 -> 18.203.7.50:443 (TCP)
The request is coming from 192.168.1.101 CP) and the Webserver is at 192.168.1.65 (static)
It seems that the port is forwarded to 192.168.1.65:443 correctly and 192.168.1.65:443 is accessible on the LAN.
Nothing of real relevance is shown on the WebServer logs.
Any help on what is happening or what I should look for next would be most welcome.
I have a web server on my Lan that is accessible from the Internet.
I have followed the guide to setup both HTTP and HTTPS (moving the VPN port) as shown in other posts.
My webserver is actually home to three domains and has been working on PlusNet for years. When I try to connect to the site when the 2862 is working, it just times out.
The HTTP server connection relies on the domain name to be forwarded. Could it be that it is not forwarded? The domain name is of the form ABCDEF.homelinux.org
This is the log of the connection attempt
2020-12-03 11:27:21 Virtual Server: 212.159.***.***:43050 -> 192.168.1.65:443 (TCP)
2020-12-03 11:27:21 Local User (MAC=00-A0-C9-00-00-00): 192.168.1.101:62890 -> 212.159.***.***:443 (TCP)
2020-12-03 11:27:20 Virtual Server: 212.159.***.***:43049 -> 192.168.1.65:443 (TCP)
2020-12-03 11:27:20 Local User (MAC=00-A0-C9-00-00-00): 192.168.1.101:62889 -> 212.159.***.***:443 (TCP)
2020-12-03 11:27:19 Local User (MAC=00-A0-C9-00-00-00): 192.168.1.101:62888 -> 18.203.7.50:443 (TCP)
The request is coming from 192.168.1.101 CP) and the Webserver is at 192.168.1.65 (static)
It seems that the port is forwarded to 192.168.1.65:443 correctly and 192.168.1.65:443 is accessible on the LAN.
Nothing of real relevance is shown on the WebServer logs.
Any help on what is happening or what I should look for next would be most welcome.
Please Log in or Create an account to join the conversation.
- sgibbs
- Offline
- Junior Member
Less
More
- Posts: 25
- Thank you received: 0
04 Dec 2020 16:02 #97893
by sgibbs
Replied by sgibbs on topic Re: Incoming Port Forwarding 2862N
Have you also opened port 443? I don't have a 2862N, but I do have a 2860N. If they work the same, you have to open the port and also forward the port for it to work correctly.
Please Log in or Create an account to join the conversation.
- smd
- Topic Author
- Offline
- New Member
Less
More
- Posts: 3
- Thank you received: 0
05 Dec 2020 08:50 #97894
by smd
Replied by smd on topic Re: Incoming Port Forwarding 2862N
I have opened the port but I'll look into some of the options later today. I may have to resort to setting up Wireshark and see exactly what is forwarded.
Please Log in or Create an account to join the conversation.
- cwager990
- Offline
- Banned
Less
More
- Posts: 21
- Thank you received: 0
06 Dec 2020 08:59 #97898
by cwager990
Replied by cwager990 on topic Re: Incoming Port Forwarding 2862N
Okay, so assuming that your using tcp/80 and tcp/443 internally and externally (No port redirect)
You don’t need to add anything to the port redirects section under NAT
Under open ports create an entry for the web server and do source any interface wan1 (assuming that’s your wan) specify the Internal ip for the websever.
Then for 1 do tcp 80-80 and 2 tcp 443-443
Next go firewall > filter set > default data filter (assuming that you don’t have many filter rules)
And as an entry to allow tcp/80 from any to the internal ip of your Webserver do the same for 443. Make sure the rule is WAN —> LAN.
You don’t need to do this if your router is setup with detail rule pass on the firewall default rule page.
Hope that helps and gets you going.
You don’t need to add anything to the port redirects section under NAT
Under open ports create an entry for the web server and do source any interface wan1 (assuming that’s your wan) specify the Internal ip for the websever.
Then for 1 do tcp 80-80 and 2 tcp 443-443
Next go firewall > filter set > default data filter (assuming that you don’t have many filter rules)
And as an entry to allow tcp/80 from any to the internal ip of your Webserver do the same for 443. Make sure the rule is WAN —> LAN.
You don’t need to do this if your router is setup with detail rule pass on the firewall default rule page.
Hope that helps and gets you going.
Please Log in or Create an account to join the conversation.
- cwager990
- Offline
- Banned
Less
More
- Posts: 21
- Thank you received: 0
08 Dec 2020 09:46 #97912
by cwager990
Replied by cwager990 on topic Re: Incoming Port Forwarding 2862N
Just wondered if you had made any progress with this SMD ?
Please Log in or Create an account to join the conversation.
- smd
- Topic Author
- Offline
- New Member
Less
More
- Posts: 3
- Thank you received: 0
08 Dec 2020 10:22 #97913
by smd
Replied by smd on topic Re: Incoming Port Forwarding 2862N
I have this working now. The key to it all was the firewall data filter changes that you suggested. Once that was done it all worked. Before that I could not update the Linux os on the webserver. all sorts of ip's could not be found and ping etc did not work. Make that change and it all worked fine.
Thanks for the help.
smd
Thanks for the help.
smd
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek