hap2 ac firewall rules for Fronius Solar Inverter

Hi,
after changing my router to a Mikrotik hAP AC2, the communication to solarweb.fronius.com was broken.
I need help writing some rule(s) in /ip firewall according to the Fronius documentation.
Thanks for help.

Jozef

If I understood correctly… This rule will forward udp 49049 port from WAN to your LAN solar inverter.

/ip firewall nat
add action=dst-nat chain=dstnat in-interface=ether1-gateway dst-port=49049 protocol=udp to-addresses=IP-OF-SOLAR-DEVICE to-ports=49049

Nope, UDP port 49049 is used by Inverter to connect to the cloud and should work just fine with default RouterOS config. What needs to be done is to forward port 80 from internet to Inverter. Like this:

/ip firewall nat
add action=dst-nat chain=dstnat in-interface-list=WAN dst-port=80 protocol=tcp to-addresses=<IP-OF-SOLAR-DEVICE>

and this assumes otherwise default RouterOS config (which extensively uses interface lists).

Furthermore, the doc recommends allowing connections to TCP port 80 only from select networks to reduce risk of compromise. That should be done in the /ip firewall filter section, but how in particular is up to OP’s wishes and requirements.

N.b.: if OP wishes to connect to Inverter when he’s connected to LAN, he can connect directly to . If he wants to bookmark connection and use the same bookmark both when using internet and when on LAN, then he needs to implement hairpin NAT.
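
One way to apply the "select networks only" recommendation mentioned above, as an added example that is not part of the original posts or of the Fronius documentation. The list name `fronius-allowed` and the two source addresses are constructed placeholders (RFC 5737 documentation ranges), and an otherwise default RouterOS config with the WAN interface list is assumed.

```routeros
# Added example (not from the thread). Addresses are constructed placeholders;
# replace them with the networks that really need to reach the inverter.

# 1. Sources allowed to reach the inverter's web interface from the internet.
/ip firewall address-list
add list=fronius-allowed address=203.0.113.0/24 comment="constructed: remote office"
add list=fronius-allowed address=198.51.100.7 comment="constructed: single admin host"

# 2. Forward TCP 80 from WAN to the inverter only for those sources.
#    Packets from any other source do not match this rule, are not translated,
#    and fall through to the router's own input chain.
/ip firewall nat
add chain=dstnat action=dst-nat in-interface-list=WAN protocol=tcp dst-port=80 \
    src-address-list=fronius-allowed to-addresses=<IP-OF-SOLAR-DEVICE> to-ports=80 \
    comment="Fronius web UI, restricted sources"

# 3. Second layer in /ip firewall filter: drop and log anything from WAN that
#    still reaches the inverter on TCP 80 from a source outside the list
#    (for example through a broader dst-nat rule added later).
/ip firewall filter
add chain=forward action=drop in-interface-list=WAN protocol=tcp \
    dst-address=<IP-OF-SOLAR-DEVICE> dst-port=80 \
    src-address-list=!fronius-allowed log=yes log-prefix="fronius-deny" \
    comment="Fronius web UI: deny sources not in fronius-allowed"
```

With the default forward chain the filter rule can simply be appended; on a customised firewall it has to sit above any rule that accepts new connections forwarded from WAN.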

Hi,
thanks for the answer. I already use port forwarding to my web server on port 80.
So it is not possible that Fronius acts as a server on the same port.
Is it possible to define some other port in Fronius?
Does Fronius act as a web server?

Jozef

You can select another port on WAN interface and forward it to port 80 on Fronius:

/ip firewall nat
add action=dst-nat chain=dstnat in-interface-list=WAN dst-port=8080 protocol=tcp \
    to-addresses=<IP-OF-SOLAR-DEVICE> to-ports=80

In the above example it’s port 8080 which is available on the WAN side. Then you can connect to Fronius using the URL http://<WAN_address>:8080/