1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

RT-AC86U no open ports - all ports forwarded on WAN access device

Discussion in 'Asuswrt-Merlin' started by zd59, Jun 11, 2019.

  1. zd59

    zd59 Occasional Visitor

    Feb 13, 2017

    My configuration:
    WAN/Internet access Cisco EPC3928S router, NAT, all ports forwarded.
    RT-AC86U with Merlin FW 384.11_2, connected to above Cisco on LAN port .

    All devices on a local network can access Internet and can SSH to RT-AC86U or its WEB GUI.
    For SSH I have my own key pair and connects from LAN. (password logon disabled)

    But RT-AC86U is invisible from internet. Only ping works. SSH do not work, but in settings is "SSH access" "LAN and WAN" All other network settings are default, except uPNP is off for security reasons.
    nmap port scanner with -p- option returns:
    Nmap done: 1 IP address (0 hosts up) scanned in 3.04 seconds

    How to set things so that RT-AC86U will be accessible from WAN?
    I need SSH & OpenVPN from internet.

    Also pointing out that previously I had Netgear R7500 WiFi router and Asus RT-AC86U is direct replacement.
    With Netgear all worked, SSH to it and OpenVPN to LAN both from Internet. So Cisco connected to WAN correctly forward ports. The reason must be on Asus RT-AC86U.
  2. RMerlin

    RMerlin Super Moderator

    Apr 14, 2012
    Check your modem. Maybe its forwards were set to a different IP address than with the Asus.
  3. zd59

    zd59 Occasional Visitor

    Feb 13, 2017
    Thank you RMerlin.

    I was planing to check Cisco settings today after return home. That was before you answered here.
    Success :) - the reason:
    I've set up a static IP regarding to MAC of my previous router (Netgear) and this was in DMZ.
    After replacing MAC with current Asus WAN port MAC, on Cisco, Asus is visible on internet.
    Checked with phone on cellular network, and it successfully connect SSH with prvate key to my Asus AC-RT86U.

    p.s.: your job is excellent. :) Flashed Merlin FW on fresh Asus from store.