Dual wan port forwarding

[MusaedKW]

Hello
First Thanks for all ,the SNB forums help me a lot

I have one issue with Dual wan port forwarding

My setup:
AC88U
AsusMerlin 384.5_beta1
2 PPPOE 2 different ip from same ISP
Load balance 1:1
Everything works as expected

except one thing Port forwarding the Secondary WAN

Lets say I want to forward port 80 and I did

From outside I can access port 80 via Primary WAN only

I want to forward port 80 in both Primary WAN and Secondary WAN

when I check port 80 via port checker
(Port 80 open on Primary WAN ip)
(Port 80 closed on Secondary WAN ip)

I tried different port same story always open on Primary WAN but closed on Secondary WAN

lookup 100 = WAN1
lookup 200 = WAN2

Sorry for my English
Please help
Thanks
Musaed



Update
when I add this ssh command :
ip rule add from 192.168.2.99 lookup 200 pref 100
Gets the opposite
(Port 80 closed on Primary WAN ip)
(Port 80 open on Secondary WAN ip)

I want to open port in both WAN please
thnaks

 

[peraburek]

@MusaedKW

please register your router here - https://account.asus.com
open ticket with ASUS support and tell them it is not working
install latest Firmware, do factory reset, after issue appears export syslog (LOG) and send them
you need to send them admin password as well, so they can test this issue

be sure to tell them to forward your complaint(s) to Firmware Development Team
it is firmware bug (poor coding) so they need to fix it on firmware level (software)
don't give up, otherwise they will continue to ignore dual-wan issues, and push asus ai mesh and other bs

 

[MusaedKW]

@MusaedKW

please register your router here - https://account.asus.com
open ticket with ASUS support and tell them it is not working
install latest Firmware, do factory reset, after issue appears export syslog (LOG) and send them
you need to send them admin password as well, so they can test this issue

be sure to tell them to forward your complaint(s) to Firmware Development Team
it is firmware bug (poor coding) so they need to fix it on firmware level (software)
don't give up, otherwise they will continue to ignore dual-wan issues, and push asus ai mesh and other bs

Thanks for reply
I sent to them

But is there a temporary solution? (via shh command )

 

[peraburek]

I don't know any temporary solutions, but try to ask @Martineau or @john9527 for help, they have some heavy iptables skills

 

[MusaedKW]

I don't know any temporary solutions, but try to ask @Martineau or @john9527 for help, they have some heavy iptables skills

Thanks peraburek for reply

I found the issue only happen with this server ip (192.168.2.99)

I forward port 8787 to ( 192.168.2.18 ) and it's open on both WAN !

This is ip rule for :

admin@RT-AC88U:/tmp/home/root# ip rule
0:      from all lookup local
100:    from all to 91.102.XXX.XXX lookup wan0
100:    from all to 91.102.XXX.XXX lookup wan0
100:    from 192.168.2.99 lookup wan0
100:    from 192.168.2.15 lookup wan1
150:    from all fwmark 0x80000000/0xf0000000 lookup wan0
150:    from all fwmark 0x90000000/0xf0000000 lookup wan1
200:    from 94.29.XXX.XXX lookup wan0
200:    from 94.29.XXX.XXX lookup wan1
200:    from 192.168.2.99 lookup wan0
200:    from 8.8.8.8 lookup wan0
200:    from 8.8.8.8 lookup wan1
400:    from all to 172.16.36.XX lookup wan0
400:    from all to 172.16.36.XX lookup wan1
400:    from all to 192.168.2.99 lookup wan0
400:    from all to 8.8.8.8 lookup wan0
400:    from all to 192.168.2.99 lookup wan1
400:    from all to 8.8.8.8 lookup wan1
32766:  from all lookup main
32767:  from all lookup default

I hope @rmerlin , @Martineau or @john9527 can help with this
or if anyone found the problem with Routeing code can help

Thanks
Musaed

 

[MusaedKW]

For record

Problem Solved

By removing (
100: from 192.168.2.99 lookup wan0
200: from 192.168.2.99 lookup wan0

Command used:
ip rule del from 192.168.2.99 lookup 100 pref 100
ip rule del from 192.168.2.99 lookup 100 pref 200


New (ip rule ) Result :

admin@RT-AC88U:/tmp/home/root# ip rule
0:      from all lookup local
100:    from all to 91.102.XXX.XXX lookup wan0
100:    from all to 91.102.XXX.XXX lookup wan0
100:    from 192.168.2.15 lookup wan1
150:    from all fwmark 0x80000000/0xf0000000 lookup wan0
150:    from all fwmark 0x90000000/0xf0000000 lookup wan1
200:    from 94.29.XXX.XXX lookup wan0
200:    from 94.29.XXX.XXX lookup wan1
200:    from 8.8.8.8 lookup wan0
200:    from 8.8.8.8 lookup wan1
400:    from all to 172.16.36.XX lookup wan0
400:    from all to 172.16.36.XX lookup wan1
400:    from all to 192.168.2.99 lookup wan0
400:    from all to 8.8.8.8 lookup wan0
400:    from all to 192.168.2.99 lookup wan1
400:    from all to 8.8.8.8 lookup wan1
32766:  from all lookup main
32767:  from all lookup default

Now ports open on both WAN

 

[storkinsj]

When you explained how you fixed this on the command line, I understood: Port forwarding is configured in the moment based on the WAN setup you have.

In the user interface, I removed my port forwarding configuration, and readded it; the difference being that now I had a dual-wan setup.

It worked.