[FIXED] Can't Port Forwarding Gigabit SMART RG SR516ac

Internet access discussion, including Fusion, IP Broadband, and Gigabit Fiber!
7 posts Page 1 of 1
by dandp » Tue Dec 31, 2019 12:24 pm
Hi,
I'm trying to set up a port forward so that I can VPN into my network, but I can only access the OpenVPN server on the local network (192.168.X.X).

The OpenVPN server is on an Odroid XU running DietPi. I installed the OpenVPN server using the PiVPN option in DietPi.

The Odroid is hardwired to SMART RG router via ethernet.

Using THIS previous post I I entered the following in the Advanced Setup > NAT > Virtual Servers Menu
User Interface: IPOE_eth4/eth4.1
Service Name: Custom Service: "OpenVPN"
Server IP Address: 192.168.X.#
External Port Start: 1194
External Port End: 1194
Protocol: UDP
Internal Port Start: 1194

I reboot the router and the Odroid, but I can't connect from outside my network.

I've done this before on another ISP using my own router running Tomato and it works with all the same hardware (the Odroid and my Laptop/Phone).

What am I missing?
Thank you for the help!
by ds_sonic_asif » Tue Dec 31, 2019 2:05 pm
You also need to set up a static IP lease for your local host's IP in the DHCP section of the LAN configuration.

[img]http://ds_sonic_asif.users.sonic.net/Selection_001.png[/img]
by dandp » Wed Jan 01, 2020 1:03 am
Thank you. I had not thought to do that.
But that did not work unfortunately.
I cannot connect from outside my network. Even canyouseeme.org can't see the port as open.
What else could I try?
by js9erfan » Wed Jan 01, 2020 11:29 am
I cannot connect from outside my network. Even canyouseeme.org can't see the port as open.
What else could I try?
Since relying on online port scanners can be iffy with UDP ports, try changing the port to 1194 TCP on your OpenVPN server, update the forwarded port on the RG and re-scan the port remotely. If it's still not showing as open then verify you specified the correct LAN interface and IP in the RG for your OpenVPN server. You can also try using a different port in case 1194 is being blocked upstream (I run mine on 1197 UDP without issue).

I don't have a SR516ac but according to this site the port forwarding process is pretty simple. If you can do a packet capture on the WAN interface that will also tell you if packets are being received by the router or not.

Once you're able to determine the router is allowing remote connections to 1194 then check your OpenVPN server logs for client errors if you're still not able to connect remotely.
by dandp » Wed Jan 01, 2020 1:23 pm
Thank you for your help js9erfan! Still no luck though. Here's what I've done:

I checked to make sure the LAN interface (IPOE_eth4/eth4.1) is selected and that the Odroid is assigned a static IP. I checked to make sure the MAC addresses of the Odroid and the LAN Static IP List are the same.

I switched the port forward on the router to TCP

I reinstalled the OpenVPN server on the Odroid using TCP and port 1197.

Rebooted both router and Odroid.

I get the same output on the OpenVPN client log when trying to connect from outside the network. Still no connection. I did confirm that I was able to connect to the server while on my local network.

Using Shield's Up I found that port 1197 is now open
What remains now is capturing the packets on the WAN interface. How would I go about doing that?
by dandp » Wed Jan 01, 2020 2:40 pm
Do you have any guides that you know work.

A bit of Googling and I found how to mirror the traffic from the SMART RG router to my hardwired laptop using THIS link. Apparently its a "hidden page" at [Your_Router's_IP]/admin/engdebug.cmd

That takes me to a Port Mirror page with the following options:
Image

The "Mirror Interface" are drop down menus where you can select from any of the 4 LAN ports on the router to mirror the WAN port to. I select the port my laptop is connected to next to "ptm0", click the box under "Enable" and click the "apply" button.

Using THIS guide I installed Wireshark and attempted to see if I could ID any of the port scans from Shield's Up.

I don't have any experience with Wireshark so I don't know what to look for. Any pointers in which direction I should go next?
Thank you both by the way.
by dandp » Wed Jan 01, 2020 3:32 pm
FIXED IT!!! Whoohoo.

Okay, so it now works on UDP and and port 1197.

Two errors (human) occurred. The first was when I entered in the wrong port numbers when adding the Virtual Server, I selected what my browser remembered I previously entered and that was port 1194, not 1197. Ugh...

Then the laptop I was using to VPN in from the outside was not connected to my hotspot, but to my local wifi network. Ugh again. Apparently attempting to VPN from within the local network to that network's public IP address is a no go (though I don't know why).

Thank you ds_sonic_asif & js9erfan for your guidance and time!
7 posts Page 1 of 1

Who is online

In total there are 34 users online :: 1 registered, 0 hidden and 33 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am

Users browsing this forum: Bing [Bot] and 33 guests