This topic is so frequently asked I'm surprised it hasn't made its way to the quick page of webfig, but I have read a lot of tutorials and I still can't make this work (well, using static DHCP addresses actually did give me green lights occasionally). I'm probably not that smart on the other hand.
Basics:
My WAN (fibre node) is connected to Ether1, it's a dynamic IP. Power outage will change it.
The server in question is a PC connected sometimes on wifi, sometimes cabled, and the DHCP address is also not static.
My hEX is default configured.
I am trying to set up a firewall port forwarding rule so wide it will accept this server, but only on port 32400 (Plex)
Can it be done?
(Alternatively: I guess I would be better off connecting this server to a specific etherport on the hEX, for a more narrow rule - even if the DHCP address changes?)
For DST-NAT the WAN IP address doesn’t really matter, it can be done without referencing it. However, destination (LAN/DMZ server) needs to have static IP address. And this part is not possible (at least with ROS DHCP server) if server’s MAC address changes (each network interface has different MAC address). So you can either set up static IP address on PC and set the same address on both ethernet and wireless interfaces (I’m not sure if that’s possible) … or you can force MAC address of one interface (e.g. wireless) to the same value as the other interface (e.g. ethernet). Not sure that’s possible either. In any case you’ll have to be careful not to have both interfaces active in the same network at the same time.
The MAC address of the server doesn’t change, only the DHCP address. So it’s in the range of 192.168.88.x (I tried 192.168.88.0/24, but no success)
Right now it’s steady actually. Great speed on plex, no errors - But I specified the DHCP to 192.168.88.27 where the server currently sits. I also made this MAC address static in the DHCP section - It runs now - but will the hEX always force this MAC to x.x.x.27, no matter wifi or rj45?
I just discovered something interesting (well I’m new to this - you know this for sure)
Running Plex playdevice and server on the same network made no traffic at all in this forwarding rule.
If I used cellular data I got traffic.
If I put server on a VPN I also get traffic.
I suppose this is exactly right
So…assuming server DHCP ip is 192.168.88.27, and stays there:
DHCP server doesn’t know nor does it care which interface Plex uses to connect to LAN, it only cares about MAC address … so if Plex will use same MAC address for either wired or wlan connection, then DHCP server will offer same IP address every time (as you made that address to be a static lease).
However, I haven’t seen any device with both ethernet and wireless connection options which would use same MAC address in both cases. All of them had different MAC addresses for each network interface. If your Plex is such a device, this means it’ll get one IP address when connected via ethernet and another IP address when connected via wlan. You can make both a static lease, but this still means trouble for DST-NAT as router doesn’t know which IP address is active at a given time.
What you could do is to have two DST-NAT rules. They would be the same, only to-address would be different. Then you’d enable the one targeting currently used server address.
A further step would be to make this happen automatically using a script which would run regularly. It would ping both possible addresses and if one of them was alive, it’d activate corresponding DST-NAT rule.
So you see the mess this is becoming. My personal rule of thumb is: any server should have static IP address (either truly static as in configured on the server itself or getting static lease from DHCP server) and it should be connected to LAN by wire.
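The two-rule setup with a ping-driven switch described in the post above, as an added RouterOS example that is not part of the thread or written by any poster. Assumptions: 192.168.88.27 is the wired static lease (from the thread), 192.168.88.28 is a constructed address standing in for the wireless static lease, WAN is ether1, and the `plex-wired` / `plex-wlan` / `plex-forward` names are hypothetical.

```routeros
# Two otherwise identical DST-NAT rules, matched only on the WAN interface,
# one TCP port, one target each. Both start disabled; the script picks one.
/ip firewall nat
add chain=dstnat action=dst-nat in-interface=ether1 protocol=tcp dst-port=32400 \
    to-addresses=192.168.88.27 to-ports=32400 comment="plex-wired" disabled=yes
add chain=dstnat action=dst-nat in-interface=ether1 protocol=tcp dst-port=32400 \
    to-addresses=192.168.88.28 to-ports=32400 comment="plex-wlan" disabled=yes

/system script
add name=plex-forward source={
    # 192.168.88.28 is a constructed value; use the real wireless lease.
    :local wired 192.168.88.27
    :local wlan 192.168.88.28
    :local want ""
    # /ping returns the number of replies received; wired is preferred.
    :if ([/ping $wired count=3] > 0) do={
        :set want "plex-wired"
    } else={
        :if ([/ping $wlan count=3] > 0) do={ :set want "plex-wlan" }
    }
    # Enable only the rule for the live address and disable the other.
    # If neither address answers, both rules end up disabled, so port 32400
    # is not forwarded to an address no known host currently holds.
    :foreach tag in={"plex-wired"; "plex-wlan"} do={
        :foreach r in=[/ip firewall nat find comment=$tag] do={
            :local off [/ip firewall nat get $r disabled]
            :if (($tag = $want) && $off) do={ /ip firewall nat enable $r }
            :if (($tag != $want) && (!$off)) do={ /ip firewall nat disable $r }
        }
    }
}

# Re-evaluate once a minute.
/system scheduler
add name=plex-forward interval=1m on-event=plex-forward
```

Both addresses still need static leases in the DHCP server, one per MAC address, otherwise a different LAN device could be handed one of them and answer the ping.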