RT-AC86U - simple port forward ....?!

steef84

Occasional Visitor
Hi folks,

For days I have been trying to simply forward a port to a service running on port 35000 on my local server 10.0.0.86.
The port stays locked for me. I want to forward this port to my ISP IP address, not my VPN client IP.

I opened a port in the gui and enabled the service:

upload_2019-11-5_19-26-38.png


I'm using the following things on merlinwrt:

Merlinwrt latest stable RT-AC86U
VPN client 1 - policy rules strict. By putting the router via WAN I believe the router should be accessible via the ISP IP, right?

upload_2019-11-5_19-31-41.png


VPN server 1, to connect my local lan from wan, this is working good.
Yazfi - working good
Skynet - think it's (might) working (too) good! :)
Diversion - working good

I thought Skynet might be the port locker, so I disabled it; still the port isn't opening. The client I'm trying to forward the port to is not running over WAN in policy rules, and that's how I like it to be. Any hints for me on how to find my culprit?
 

I want to forward this port to my ISP IP address, not my VPN client IP.
You don't forward a port to your ISP (WAN) address, you forward it from your WAN address.

VPN client 1 - policy rules strict. By putting the router via WAN I believe the router should be accessible via the ISP IP, right?
Wrong. Policy rules affect outgoing traffic, not incoming. Therefore you need to create an exception for 10.0.0.86 so that its traffic goes through the WAN interface instead of the VPN.

https://github.com/RMerl/asuswrt-merlin/wiki/Policy-based-routing
 
Thanks for your reply.

You don't forward a port to your ISP (WAN) address, you forward it from your WAN address.

So true. But you get the point. Thanks for the clarification and correction.


Wrong. Policy rules affect outgoing traffic, not incoming. Therefore you need to create an exception for 10.0.0.86 so that its traffic goes through the WAN interface instead of the VPN.

I certainly don't want to expose my 10.0.0.86 service to my WAN interface by excluding the IP. I thought that by enabling the router IP to WAN in policy rules I could reach my ISP IP on port 23154, and the port forward rule would forward it to my local port 35000 on 10.0.0.86. But that was too simple thinking, I suppose? Are there any custom port forward rules necessary that you are aware of?


https://github.com/RMerl/asuswrt-merlin/wiki/Policy-based-routing
 
I certainly don't want to expose my 10.0.0.86 service to my WAN interface by excluding the IP. I thought that by enabling the router IP to WAN in policy rules I could reach my ISP IP on port 23154, and the port forward rule would forward it to my local port 35000 on 10.0.0.86. But that was too simple thinking, I suppose? Are there any custom port forward rules necessary that you are aware of?
As stated in the wiki, policy rules work on a "per IP address" basis and are not port based. If you want to create exceptions per port you'll need to write a script.

https://github.com/RMerl/asuswrt-merlin/wiki/Policy-based-routing
You CANNOT configure a policy that will be based on a port through the webui - only on IPs (or subnets). If you need more flexibility in your rules, you can look at this alternate manual method. Note that this method might interfere with other features, such as Adaptive QoS.
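
Added example, not part of the thread or of Asuswrt-Merlin: a small Python model of the source-based routing decision discussed above. It shows why replies from 10.0.0.86:35000 leave through the VPN when only the router has a WAN rule, what a per-IP exception changes, and what a per-port (mark-based) rule changes. The router address 10.0.0.1, the /24 LAN rule, the rule priorities and the mark value are assumptions.

```python
import ipaddress
from dataclasses import dataclass, replace

WAN, VPN = "wan", "vpn"                   # egress labels used by this model only
WAN_MARK = 0x8000                         # arbitrary mark value chosen for the example
HOST, SVC_PORT = "10.0.0.86", 35000       # server and service port from the thread
ROUTER, LAN = "10.0.0.1", "10.0.0.0/24"   # assumed router address and LAN subnet

@dataclass(frozen=True)
class Packet:
    src: str       # source IP as seen when the routing decision is made
    sport: int     # source port
    mark: int = 0  # firewall mark, 0 means unmarked

def by_source(net):
    """Match on source address or subnet, which is all the web UI policy rules offer."""
    network = ipaddress.ip_network(net)
    return lambda p: ipaddress.ip_address(p.src) in network

def by_mark(mark):
    """Match on a firewall mark, which is what a custom script would add."""
    return lambda p: p.mark == mark

def mark_service_replies(pkt):
    """Model of a packet-marking rule: tag only traffic leaving HOST from SVC_PORT."""
    if pkt.src == HOST and pkt.sport == SVC_PORT:
        return replace(pkt, mark=WAN_MARK)
    return pkt

def route(pkt, rules, default=WAN):
    """Lowest priority number is evaluated first; the first matching rule wins."""
    for _prio, match, iface in sorted(rules, key=lambda r: r[0]):
        if match(pkt):
            return iface
    return default

# Constructed rule sets: (priority, matcher, egress interface)
BASE = [(100, by_source(ROUTER), WAN), (200, by_source(LAN), VPN)]  # router via WAN, LAN via VPN
PER_IP = [(90, by_source(HOST), WAN)] + BASE           # per-IP exception for the server
PER_PORT = [(80, by_mark(WAN_MARK), WAN)] + BASE       # per-port exception via marking

def egress(rules, sport, port_marking=False):
    """Interface chosen for a packet sent by HOST from the given source port."""
    pkt = Packet(HOST, sport)
    if port_marking:
        pkt = mark_service_replies(pkt)
    return route(pkt, rules)

if __name__ == "__main__":
    for name, rules, marking in (("router-only WAN rule", BASE, False),
                                 ("per-IP exception", PER_IP, False),
                                 ("per-port mark rule", PER_PORT, True)):
        print(f"{name}: service replies -> {egress(rules, SVC_PORT, marking)}, "
              f"other traffic -> {egress(rules, 51515, marking)}")
```

With the per-IP exception all of the server's traffic leaves through the WAN; with the mark-based rule only replies from port 35000 do, and everything else from 10.0.0.86 stays on the VPN.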
 
