DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Port forwarding to VLAN

More
10 Oct 2024 17:14 #103997 by matt
Port forwarding to VLAN was created by matt
Using 2 x Vigor 3912s in HA Mode, I'm struggling to port forward from external IP address' to Internal IP address'

We have 61 external IPs and 50 vLANs, some clients need ports opening to devices locally on their LANs from their dedicated external IP address (Shared Office Space)

Been working with Drayteks for  over a decade, but this is the first time attempting to port forward to hardware on vLANs.

If anyone can lend a hand it would be much appreciated, I'm assuming its much more than a simple NAT >> Open Ports >> Edit Open Ports Jobbie. and I need routes setup, I'm at a loss.

Thank you

Please Log in or Create an account to join the conversation.

More
12 Oct 2024 10:45 #104000 by ctluk
Replied by ctluk on topic Port forwarding to VLAN
Assuming this is a established inbound connection it is as simple as the process you mention. We forward from specific external IP addresses to internal servers on VLANs and it is just a simple case of creating an IP object for the external IP then setting up with either "Port redirection" or "Open Ports" depending if you're working with a single port or multiple ports. The DrayTek deals with all the internal routing so nothing needs doing there.

Please Log in or Create an account to join the conversation.

More
12 Oct 2024 13:48 #104002 by HodgesanDY
Replied by HodgesanDY on topic Port forwarding to VLAN
Hi,

I have to agree with @ctluk, this seems pretty straight forward and I can’t see where you could go wrong. The only possibility is a firewall rule you’ve created that is blocking the flow.

Using the Firewall diagnostic tool should highlight if that is the case though.

Please Log in or Create an account to join the conversation.

More
12 Oct 2024 13:54 - 12 Oct 2024 13:55 #104003 by matt
Replied by matt on topic Port forwarding to VLAN
My original configs were the same as I have done on non vlan setups and these work fine.

I have the same issue with another end user using a 3910.

On both setups, port 443 shows live on all external IPS for both clients, but no rules are setup, and SSL VPN has been change from 443 to 8443.

I will send some screenshots on my return to the office monday just to ensure I'm correct with you guys if that's ok.
Last edit: 12 Oct 2024 13:55 by matt.

Please Log in or Create an account to join the conversation.

More
12 Oct 2024 14:13 - 12 Oct 2024 14:15 #104004 by HodgesanDY
Replied by HodgesanDY on topic Port forwarding to VLAN
If it’s 443 you’re trying to open up, have you moved the management port away from 443?

I know you have many external IPs, but this could be overriding ‘open port’ etc abilities. Especially if all external IPs are effectively usable as a way into the router from outside. Even if you have the external management disabled, the port setting will/could be blocking use of that port every where else in the router config. Hence why the SSL config points big arrows at its port setting.

Just a thought…
Last edit: 12 Oct 2024 14:15 by HodgesanDY.

Please Log in or Create an account to join the conversation.

More
14 Oct 2024 09:27 - 14 Oct 2024 11:50 #104005 by matt
Replied by matt on topic Port forwarding to VLAN
Firewall Rule  This is how I create them, dont worry port 80 is for testing :)
Last edit: 14 Oct 2024 11:50 by matt.

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami