NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Equest's avatar
Equest
Tutor
Apr 12, 2020

BR500 Connectivity Issue - Port forwarding

I have configured port forwarding on my BR500 to allow access from the WAN to a port on the LAN for a webcam system, and this works fine.

If I enter the FQDN:port on a browser anywhere on the internet, I connect to the webcam system.

However, any computer or device on my own LAN using the same FQDN:port address fails to recognise the port, even though the computer is connected to the same subnet as the webcam system.

If I use the numerical address of my BR500 WAN port with the port number when connected to my own LAN I have the same result.

I would add that using the webcam system local LAN address:port  on my LAN works fine.

If I ping the WAN address of the BR500 from a computer on my LAN, then I get a reply. So the issue relates to the BR500 recognising the port I am trying to access when using the router WAN address with a port number from my own LAN.

This would not be a problem, but many portable devices (eg phones) need to access this system from my own LAN and from the internet.

I found and earlier discussion related to this subject in these pages with a solution based on traffic rules. However, implementing this solution didn't solve my problem.

 

 

2 Replies

  • schumaku's avatar
    schumaku
    Guru - Experienced User
    Apr 17, 2020

    The FQDN does most likely resolve to the WAN (Internet) public IP address as most consumer environment don't have a local DNS infrastructure allowing split horizon config. If port forwardings (or many2one NAT) can't reach ports from the LAN it's simply lack of, or broken NAT loopback. YeZ ideas?

    PS: There are only two kinds of Internet direct accessible Webcams - those already exploited, and those which will be exploited soon.

    • Equest's avatar
      Equest
      Tutor
      Apr 18, 2020

      Yes, the FQDN is correctly resolved to the WAN address, however, the BR500 doesn't recognise its own WAN address when called from the LAN with a port added to the address, even though the port is recognised when the router is called from anywhere else on the internet. If I ping the WAN address from the LAN I get a reply.

      I am using several webcams but these are accessed via a Synology NAS running video surveillance software - although I am not certain how secure this arrangement is. I note your comments about the security of webcams with a direct connection to the internet.

       

       

       

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More