Remote Access DSL Router

dlopez · March 4, 2012, 4:12pm

Hi,

I’m trying to setup a remote access to my dsl router from the internet. The DSL router has in DMZ the MT and what I want is that if I try to connect to port 81 of its public IP get redirected to the port 80 of the private IP of the DSL router.

    1.1.1.1 (Internet Client) -------> 2.2.2.2 (Internet MT IP) ------> 172.16.0.1 (Private IP of DSL Router)

I have tryed seting up the following but with no luck :

ip firewall nat chain=dstnat src-address=1.1.1.1 dst-address=2.2.2.2  protocol=tcp dst-port=81 in-interface=eth1-wan action=dst-nat to-address=172.16.0.1 to-ports=80
ip firewall nat chain=srcnat src-address=1.1.1.1 dst-address=172.16.0.1 action=masquerade

The same rules applied to redirect trafic from the LAN to another LAN server works, but not to the WAN.

Any sugestions ?

tjc · March 4, 2012, 6:08pm

Check/post your firewall filter rules to make sure that they allow incoming traffic to that port. You didn’t say what model you’re using, but many of them have a default filter rule that blocks new connections from being establish from the WAN.

The other thing to check is that the addresses specified match what your router is seeing. Temporarily adding a logging rule to the firewall filter can help with that.

dlopez · March 4, 2012, 9:31pm

As far as I can tell, using torch to do a little digging, I can see how the connection between 1.1.1.1 and 2.2.2.2 is made, and how is redirected to 172.16.0.1 but it looks like the connection doesn’t have any way back route.

Any ideas of what I’m missing ?