1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Smart RG SR515AC Router: Port 80 redirects to router admin

Discussion in 'General Wireless Discussion' started by ray, Mar 14, 2019.

  1. ray

    ray Occasional Visitor

    Joined:
    Feb 6, 2011
    Messages:
    46
    Hi all, I'm desperate! I've googled, searched reddit, searched my ISP's forum (Sonic in Berkeley) and can't find a solution. Hoping this isn't as unique as it sounds and there's a solution.

    I have a my-domain.net hosted on my NAS. I've done all the reverse-proxying and I know for sure everything works.

    However, when I try to access my-domain.net while connected to the home network, the router keeps trying to redirect back to its admin page and times out.

    When I access my-domain.net from outside the home network, eg. on my phone's cell network, it works fine!

    There's some setting in the router that's intercepting Port 80 and 443 traffic and redirecting it to its admin page.

    Anyone who's come across this have a possible fix? TIA!
     
  2. ray

    ray Occasional Visitor

    Joined:
    Feb 6, 2011
    Messages:
    46
    Bump
     
  3. umarmung

    umarmung Senior Member

    Joined:
    Apr 21, 2018
    Messages:
    249
    There are several ways to solve this problem.

    The most straightforward is "hairpin NAT" aka. "NAT Loopback". Your router or third-party firmware for the router needs to explicitly support this feature. It requires the router to have the same Internet IP as the Internet machine hostname, i.e. it will likely fail for routers that are not bridged.

    The main alternatives involve fiddling with internal DNS queries, known as "split DNS". One way this can be achieved is by using your router for DNS and creating a static DNS entry that serves the internal IP of the web server directly, or you run a separate DNS server that does the same. Another way would be to change all the relevant clients "host" files to contain this internal IP for the web server name - obviously this option is manual and intensive, but good for testing that there is no other problem to overcome than just the correct IP resolution.

    Asus routers running Merlin firmware support both the main options above.
     
    ray and L&LD like this.
  4. ray

    ray Occasional Visitor

    Joined:
    Feb 6, 2011
    Messages:
    46
    Thank you so much for your response.

    I just tried the static DNS entry you suggested and it worked!

    I'm beginning to think there is a bug in this router's firmware.

    Under "Access Control", there's a setting for HTTP(S) WAN which is disabled and uses port 80 by default.

    After I set up my own port 80 forward, I noticed Access Control for WAN was automatically changed to port 8080. So the router is acknowledging my own port forward. And all this while WAN access is disabled.

    Yet the router continued to hijack the port 80 activity.

    Anyway your static DNS suggestion worked.
     
    L&LD likes this.
  5. L&LD

    L&LD Part of the Furniture

    Joined:
    Dec 9, 2013
    Messages:
    9,624
    If you keep getting bugs and glitches from your router, I would consider doing a full reset to it. Just a thought.
     
  6. ray

    ray Occasional Visitor

    Joined:
    Feb 6, 2011
    Messages:
    46
    I spoke too soon. The static DNS entry only worked when I was hardwired to the router.

    The problem persist when I'm back on wifi!

    BTW when I try to access the router with 192.168.1.1, I'm blocked:

    Code:
    Forbidden
    
    You don't have permission to access /prime-home/control-panel/login on this server.
    Apache/2.2.29 (Amazon) Server at smartrg.sonic.net Port 443
    The admin page needs to be access with 192.168.1.1/admin.

    Does that have anything to do with my problem?
     
  7. ray

    ray Occasional Visitor

    Joined:
    Feb 6, 2011
    Messages:
    46
    Yeah I've done the reset about 4 times now trying to figure out this router.
     
  8. L&LD

    L&LD Part of the Furniture

    Joined:
    Dec 9, 2013
    Messages:
    9,624
    Is there a setting that blocks access from WiFi?

    Are you sure you're connected to WiFi and not 3/4G?

    Is it time to do a full network 'sanitize'?
     
  9. ray

    ray Occasional Visitor

    Joined:
    Feb 6, 2011
    Messages:
    46
    I haven't come across a setting that blocks access from WiFi, can you suggest the language to look out for?

    By 3/4G you mean cellular data? I'm definitely on WiFi since I'm on my laptop. However, I've confirmed my-domain.net is reachable and works on cellular data—it's when I'm on the internal network that this doesn't work.

    The router has this Access Control page:

    [​IMG]

    WAN was always disabled by default. However, by default, that port was set to 80. After I set up my own port forward, the router automatically changed it to 8080—so it acknowledges that I'm using port 80 yet it continues to hijack it.

    This is my port forward:

    [​IMG]

    Can you clarify what you mean by "sanitize"?
     
    Last edited: Mar 16, 2019
  10. ray

    ray Occasional Visitor

    Joined:
    Feb 6, 2011
    Messages:
    46
    Just to expand on this, when I enter 192.168.1.1 into the browser, it resolves to

    Code:
    https://smartrg.sonic.net/prime-home/control-panel/login?device=3C9066:3C90667EEA30
    and serves up that Forbidden error.
     
  11. L&LD

    L&LD Part of the Furniture

    Joined:
    Dec 9, 2013
    Messages:
    9,624

    Look here for what I'm thinking that might block the UI over WiFi.

    https://www.snbforums.com/threads/turn-off-admin-panel-for-wifi.22481/

    Does http://192.168.1.1 or https://192.168.1.1 make a difference on your laptop?

    Can you use the same laptop wired and see it work?

    See the Sanitize Network link in my signature for further info.
     
  12. ray

    ray Occasional Visitor

    Joined:
    Feb 6, 2011
    Messages:
    46
    There is this panel in my router admin that seems to offer what that thread discusses:

    [​IMG]


    http://192.168.1.1 resolves to https://smartrg.sonic.net/prime-home/control-panel/login?device=3C9066:3C90667EEA30 and gives me the Forbidden error.

    https://192.168.1.1, the browser tries to perform a TLS handshake and eventually times out.

     
    Last edited: Mar 16, 2019
  13. L&LD

    L&LD Part of the Furniture

    Joined:
    Dec 9, 2013
    Messages:
    9,624
  14. ray

    ray Occasional Visitor

    Joined:
    Feb 6, 2011
    Messages:
    46
    Urgh, have I exhausted what I can do with this POS router? :mad:
     
  15. L&LD

    L&LD Part of the Furniture

    Joined:
    Dec 9, 2013
    Messages:
    9,624
    Maybe leave it for a day or two and then proceed to fully sanitize your network in a last attempt to make this work as you expect?

    I am not familiar with this router, but it seems worth doing the above to give it the best shot of working properly for you.
     
    ray likes this.
  16. ray

    ray Occasional Visitor

    Joined:
    Feb 6, 2011
    Messages:
    46
    Thank you very much for the assist, I'm thankful I didn't have to troubleshoot alone!

    I wish I was still on my trusty RT-N66U with Merlin but it couldn't handle the gigabit connection optimally when I tried it :(
     
    L&LD likes this.
  17. L&LD

    L&LD Part of the Furniture

    Joined:
    Dec 9, 2013
    Messages:
    9,624
    You're welcome. Hope we get this fixed for you.

    The RT-N66U was great in its day, today a single core 600MHz CPU is just not enough to power our network expectations with their greatly updated capabilities and demands we place on them.
     
  18. ray

    ray Occasional Visitor

    Joined:
    Feb 6, 2011
    Messages:
    46
    Which Asus router do you think is a good replacement for it? I've been so out of the loop relying on the n66u!
     
  19. L&LD

    L&LD Part of the Furniture

    Joined:
    Dec 9, 2013
    Messages:
    9,624
    The RT-AC3100 has been great for customers and me for a few years now. However, I too am looking for a replacement to properly handle a Gbps ISP connection.

    The best candidate so far is the RT-AC86U. I hope to be picking one up myself in the next few weeks.
     
    ray likes this.
  20. ray

    ray Occasional Visitor

    Joined:
    Feb 6, 2011
    Messages:
    46
    I've had my eye on the AC86U for a while but I'll check out the AC3100! Thank you again!!