- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
RBR750 port forwarding stopped working
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Port forwarding seemed to have stopped working on my router for my VPN server using port 51820. It is on the latest FW V7.2.6.31, it was working after update but suddenly stopped and hasn't worked since. I reverted back to old FW version and still doesn't work, so not sure what other solution there is.
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Seems like something changed on my ISP where they were giving me a private IP instead of public.
Solution
Set DMZ and PF on modem to router, then PF from router to brume.
Thanks for all the help!
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RBR750 port forwarding stopped working
What is the Mfr and model# of the Internet Service Providers modem/ONT the NG router is connected too?
Be sure your using a good quality LAN cable between the modem and router. CAT6A STP is recommended.
Has a power off for 1 minute then back ON with the ISP modem and router been performed since last update?
Be sure to restart your network in this sequence:
Turn off and unplug modem.
Turn off router and computers.
Plug in and turn on modem. Wait 2 minutes for it to connect.
Turn on the router and wait 2 minutes for it to connect.
Turn on computers and rest of network.
Is uPnP enabled or disabled? It should be disabled if you have set up any PF configurations.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RBR750 port forwarding stopped working
Port forwarding relies on internet devices connecting with the correct public IP address (which is why the OpenVPN server bundled into Orbi routers requires creating a DDNS URL which the router keeps synchronized with any changes that the Internet Service Provider (ISP) made to the public IP address.
Can you verify that devices attempting to connect are being directed to the current public IP address of the router?
Which VPN server has been deployed on the LAN?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RBR750 port forwarding stopped working
Quantum Fiber - model C5500XK
I have ran the power off sequence for everything and nothing changed.
uPnP has always been on and never was an issue but also tried turning it off and still doesn't work with PF configs
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RBR750 port forwarding stopped working
What happens if you put this "gl-inet brume 2 router" IP address it gets from the RBR into the RBRs DMZ as a quick test?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RBR750 port forwarding stopped working
Wondering if a factory reset and setup from scratch maybe needed. 🙄
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RBR750 port forwarding stopped working
Had this been working on prior version of FW?
Was prior version v.21?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RBR750 port forwarding stopped working
@jixxer wrote:
I'm running a WIREGUARD server through a gl-inet brume 2 router which is connected to NG router on the WAN port and using DDNS.
I am confused. The brume 2 supports both OpenVPN and Wireguard VPN in both Client and Host mode. The Client mode (for both VPN protocols) bundles every device on the LAN side into a VPN tunnel directed to one of these VPN providers:
The brume 2 supports VPN Host mode for both OpenVPN and Wireguard. Wireguard Host listens on port 51820 while OpenVPN Host listens on port 1194. Since the brume 2 is connected directly to the Internet Service Provider (ISP), there is no reason to implement port forwarding on the Orbi router, which is connected on the LAN side of the brume 2.
That leads to the important question: What 'mode' is the RBR750 in? ('router' or 'access point'?)
If the Orbi is in 'access point' mode and the brume 2 public IP address matches the IP returned by DDNS, then Wireguard Host should function correctly.
If the Orbi is in 'router' mode, I do not understand how Wireguard Host can connect with any device on the Orbi LAN. In 'router' mode, the Orbi uses Network Address Translation (NAT) to make it appear that every device on the Orbi LAN has the same IP address (the WAN address of the Orbi router).
So:
- Are we absolutely certain that the WAN IP address of the brume 2 matches the IP returned by DDNS, and
- What 'mode' is the RBR750 now in?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RBR750 port forwarding stopped working
@jixxer wrote:
The Orbi is the one directly connected to the ISP not the brume thats why PF is needed for the brume to access the WIREGUARD server.
My bad. Should have realized that "on the WAN port" is ambiguous. With the brume WAN port connected to one of the Orbi LAN ports, what is connected to the brume LAN port?
The brume User Guide is pretty specific. (https://docs.gl-inet.com/router/en/4/interface_guide/wireguard_client/ )
- The Wireguard Client mode, which bundles all devices on the brume LAN side into a tunnel to one of the Wireguard servers, does not require (a) a public IP address or (b) port forwarding. That is because the Wireguard Client is opening the tunnel.
- The Wireguard Server (Host) is the feature that requires public IP and port forwarding because a client device on the internet somewhere is attempting to open a VPN tunnel to the server running on the brume.
If it has been confirmed that the public IP address produced by the DDNS provider matches the public IP address on the Orbi router, then it might be useful to perform an experiment to determine whether the Orbi router is actually performing port forwarding. For example, forward that port 51820 to some other device on the Orbi LAN that will respond to internet connections. My "go to" devices are:
- An Epson printer which has a simple web interface. (port 80)
- A Raspberry Pi running Pi-Hole (also port 80)
Change the port forwarding rule to external port 51820 to internal port 80 on the LAN IP address of the target device.
Using a device not on the Orbi LAN (smart phone with WiFi disabled is quick and easy), open a web browser to:
- Public IP of Orbi router (i.e. http://<public IP> )
- The DDNS URL ( i.e. http://<DDNS URL> )
If the test device responds, then the Orbi port forwarding process is working.
What is the primary purpose for running the Wireguard server?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RBR750 port forwarding stopped working
Nothing is connected to the brume LAN as i'm not running the client, just the server. Purpose for the server is to have a dedicated VPN at home instead of 3rd party when needed.
I already tried the options you mentioned and no response, this was also tested on a different router with same settings and it worked so clearly the PF is not working on the Orbi unfortunately.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RBR750 port forwarding stopped working
Wow. Would not have thought that even Netgear software engineers could break something so fundamental to Netgear routers (and not test it as part of Quality Control, either.)
Orbi routers support NAT hairpinning (sometimes called NAT Loopback).
https://en.wikipedia.org/wiki/Network_address_translation#NAT_hairpinning
As a test, I set up port forwarding for external port 51820 to internal port 80 on my Epson printer (192.168.1.4).
Opened a web browser to http://<public ip>:51820 , and the printer web page appeared. (This is on an ancient RBR50.)
I also have an RBR750 running v7.2.6.31. (which has very little connected to it because it is only for "test". Currently there is one laptop and one Samsung tablet.). This router has IP 192.168.1.71 on the primary Orbi network.(Its WAN IP address)
- Configured a web server on the Samsung tablet attached to this RBR750 at IP 10.0.0.3. It uses port 8080 by default.
- Created a Port Forwarding for port 51820 to port 8080 on IP 10.0.0.3
- On a Chrome web browser, opened http://192.168.1.71:51820
- The Samsung tablet web site opened.
Thus, there appears to be a major "situation". My RBR750 running v7.2.6.31 clearly supports Port Forwarding of port 51820 to a port on a device connected to the RBR750 LAN. Thus, I cannot replicate that firmware v7.2.6.31 causes an RBR750 to not support Port Forwarding.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RBR750 port forwarding stopped working
I have been using the OpenVPN server bundled with the Orbi router for years. My guess is that investing $85-$90 in a bume 2 VPN device is some combination of:
- Wanting the option to run a VPN Client on the LAN rather than install VPN software on multiple devices, and
- Wireguard is generally believed to be more efficient than OpenVPN, but not supported by Netgear on Orbi routers.
To see "what's going on", I installed Wireguard server on a Raspberry Pi. (relatively painless) and forwarded port 51820 to the Pi. Generated a Wireguard client configuration and used the QR code method to install it on a smartphone. (Much more convenient than configuring OpenVPN on devices with cameras.) Hot Damn! I now have two VPNs that can be used to connect to the Orbi LAN from the internet. Not particularly impressed with the debugging/log information generated by the Wireguard app for Android. May check out Wireguard for Windows laptop.
Thanks for bringing attention to this curious VPN device.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RBR750 port forwarding stopped working
Correct, also want it on a separate device unless you're Vlanning everything on your Orbi for more security I wouldn't want it to access anything on the main router.
Wireguard is also faster/seamless than OpenVPN and integrates with more 3rd party VPNs if going that route. Also better for travel purposes, you can have another gl-inet router connect as a client to home server then broadcast without using 3rd party on every device which is usually faster as well depending on speeds you're paying for.
Works the same as app on phone, just need to upload config file and should work as long as its setup correctly. Also use cloudflare DNS instead of ISP for speed and security as well.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RBR750 port forwarding stopped working
Installed Wireguard Client on Windows 11. Used same user configuration as on phone (even though Wireguard wants each device to have a separate configuration file. What's that about? I could see different users having unique config files, but each device?). Also worked, "no problem." The laptop log file is much more detailed than the Android app log.
One significant difference I see between using the VPN host that is part of the router firmware is that connecting via VPN creates an entry in Attached Devices with a unique IP address numbering scheme. This also appears in the Orbi log.
When connecting to Wireguard that is running on a device on the LAN, there is no record of the VPN connection and the traffic appears to be coming from the Wireguard Host device.
This screen shot of the Orbi log shows where I opened the Orbi web admin interface at 16.47 with the laptop connected via Wireguard VPN. (Through the Raspberry Pi with IP address 192.168.1.30). Then at 16:57 I opened the web admin from a desktop computer on the Orbi LAN at 192.168.1.2
As far as the Orbi knows, both of these connections were from the Orbi LAN. Neither is identified as being "remote".
• Introducing NETGEAR WiFi 7 Orbi 770 Series and Nighthawk RS300
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more