I am new to OpenWRT; because of an Amazon Review I decided to buy a Zyxel VMG1312-B30 and use it with a TP-Link Archer Router with OpenWRT. My Internet Service Provider is rather small and brought VDSL via FTTC to our house.
I set the Zyxel Modem into Bridge Mode and configured the TP-Link Router with OpenWRT on it. Everything works great - even the QoS (which is the reason I switched to this setup from an older Fritzbox) - but I am still confused about my WAN settings: It works as a DHCP client right now but shouldn't PPPoE be the right protocol in this case? I tried to change this setting but since my connection works without any login data from my provider (it was just plug & play with the Fritzbox and the Zyxel device), I am really not sure if this is correct. I would not care about this but I realized that port forwarding is not possible - even though tcpdump shows me something when I use an online tool (https://www.yougetsignal.com/tools/open-ports/) to check a port that I need in able to reach my NAS. Is the protocol (DHCP instead of PPPoe) an issue in this case and could it be related to my problems with port forwarding?
An old DS212+ from Synology. I tried QuickConnect but it's too slow since the device is really old. Synology support adviced me to try Port Forwarding.
But apart from the NAS: Do you think that the fact that these ports appear to be closed even after I setup forwarding is connected to the wan interface's protocol?
Oh sure, I just thought that the name wouldn't be useful but I gladly share it with you: They are called Thüga Connect (https://www.thuega-energie-gmbh.de/connect.html) and are affiliated with a local energy supplier
What IP4 address does your router report? Please replace the last segment with XXX, like
123.2.3.XXX
The question is, does your ISP use carrier grade NAT in which case port forwarding will get tricky.
try tailscale if you don't want to mess with any networking.
Try wireguard if you want to dig a little deeper. Tailscale is in fact based on wireguard.
Also try zero-tier, again no networking knowledge is required.
I just switched to my iPad and decided to test it there. This made me realize that even though I deactivated IPv6 following this instruction https://3os.org/infrastructure/openwrt/disable-ipv6/ , I had an IPv6 address and also a different external IPv4 address than what the router and my PC (wired connection) show. In fact, it looks like cgn nat is active since the address starts with 100… Am I right here? I just don‘t understand why router and PC still show the 97… IPv4 address.
Would it be a good idea to ask my ISP for a true IPv4 address? It looks like that‘s an option I could add to my plan for 3€ per month
EDIT: nevermind, I just didn‘t know about apples privacy relay feature… once it is deactivated, I got the same IPv4 and no IPv6 address…
Thanks, that is a public IPv4 address. I am impressed, your ISP is doing quite well! No PPPoE (which is costly for a router as every data packet needs to be either en- or decapsulated, which is avoidable work), but DHCP and also no CG-NAT. Maybe you ask whether they might block ports for their customers for security reasons?
Since you already have a dynamic public IPv4 address that might be a static public IPv4 address, if so, I am even more impressed by your ISP...