Router Model: RT-AC88U
Firmware Version: 384.13
Hello all, to start I would like to say many thanks to RMerlin for providing this awesome custom firmware and to all of the expert community members whose feedback/guides have been invaluable over the years.
My issue is as follows; would highly appreciate any assistance if someone else has resolved a similar issue. I had port forwarding setup to forward a single port to single PC on the LAN working without any issues. I then decided to setup the OpenVPN client using the Mullvad VPN service on the router. I used the following guide that Mullvad provides:
https://www.mullvad.net/en/guides/asus-merlin-and-mullvad-vpn/
The VPN is working correctly for all LAN clients but port forwarding is now failing. I followed their instructions at the end of the support guide and appropriately edited the dport and DNAT values to be equal to the port I want to forward and the internal IP address of the client I want the traffic forwarded to and then copied/pasted the command into an SSH session. I confirmed in nano that the nat-start file includes the two iptables rules you would expect the command to generate.
Not sure if this is relevant but I also determined the following facts:
Firmware Version: 384.13
Hello all, to start I would like to say many thanks to RMerlin for providing this awesome custom firmware and to all of the expert community members whose feedback/guides have been invaluable over the years.
My issue is as follows; would highly appreciate any assistance if someone else has resolved a similar issue. I had port forwarding setup to forward a single port to single PC on the LAN working without any issues. I then decided to setup the OpenVPN client using the Mullvad VPN service on the router. I used the following guide that Mullvad provides:
https://www.mullvad.net/en/guides/asus-merlin-and-mullvad-vpn/
The VPN is working correctly for all LAN clients but port forwarding is now failing. I followed their instructions at the end of the support guide and appropriately edited the dport and DNAT values to be equal to the port I want to forward and the internal IP address of the client I want the traffic forwarded to and then copied/pasted the command into an SSH session. I confirmed in nano that the nat-start file includes the two iptables rules you would expect the command to generate.
Not sure if this is relevant but I also determined the following facts:
- If you are OUTSIDE of the network the port forward fails (which is of course the ultimate goal to resolve).
- If you are ON the local network via the Wi-Fi (thus your outbound traffic is going over the VPN) but you attempt to connect to the service/port using the EXTERNAL/WAN IP, the port forward actually succeeds. If you REMOVE the port forwarding settings in the WAN -> Virtual Server / Port Forwarding, this causes it to fail (these settings are/were still in place from the successful port forwarding configuration I had setup before I deployed the OpenVPN client on the router).