I'm using a GL-MT300N-V2 on the latest firmware and I'm having difficulty setting up a forwarding port from the wireless wan to the lan. My configuration/setup is as follows:
GL-MT300N-V2 is connected by WiFi to my home network (Google WiFi) with IP 192.168.86.45. I can access the admin and confirmation pages of the GL-MT300N-V2 without issue. I'm using the advanced configuration for this router, which uses OpenWrt 19.07.8.
I have the LAN port connected to a device with it's own DHCP, on 172.27.153.x.
I have opened and forwarded port 8080 from WAN 192.168.86.45 to 172.27.153.1:80 (which contains data I want to access using HA).
I have set Firewall Zone Forwardings to accept wan=>lan.
The wireless interface configuration is set to Client mode.
I'm not able to access the information I need using an HA integration with the above configuration. When I scan the 192.168.86.45 IP/router device for open ports, 8080 does not show as open.
I've configured routers before, but I'm clearly missing something with this setup as I'm not able to get to the information at the device at 172.27.153.1:80. Any help is appreciated!
I'm using a guide for an HA integration that provides the following steps - and it sounds like quite a few people are successful in getting this configuration to work. Only different in my setup are the subnets used, but I've otherwise followed the configuration below in an attempt to allow my WiFi 192.168.86.x LAN to access a device with it's own DHCP on on 172.27.153.x using the GL-MT300N-V2 as described below. Is this not possible? I can't use VPN or SSH to access.
Basically I’m using a small travel router to make a bridge between my home Wi-Fi network and the travel router’s LAN port, which connects to the SunPower installer port, with port forwarding for the API requests.
I used a GL-iNet travel router; in my case it’s model GL-MT300N-V2, only around $20 and very compact (it’s also quite useful as a portable VPN solution for travel but that’s another matter).
For initial configuration, I connected my PC to the LAN port of the router and configure as follows. This router has a simplified GUI which allowed me to do all the steps except one (which required the alternate “advanced” LuCI screens).
Connect the Wi-Fi repeater to my internal network (in my case I used a separate SID on my main network with no Internet access and limited access to the rest of my network… this part is optional).
[Update: Step 4 should no longer be necessary as of the GL-iNet firmware version 3.203, should be possible to disable inbound Wi-Fi now] Define an inbound Wi-Fi name/password - technically this WISP/repeater piece shouldn’t be necessary, but with this device I found that it wouldn’t automatically connect the “uplink” Wi-Fi without also having an active downlink. Otherwise I would have disabled inbound Wi-Fi.
Change the LAN IP to 172.27.153.10 (the .10 part can be anything, but not .1 as the SunPower is expected to be at 172.27.153.1)
Firewall: Create a port forwarding rule from WAN port 8080 to 172.27.153.1 port 80. I used port 8080 so that I’d still have access to the router’s admin pages using the default port 80.
Firewall: Enable inbound port 80 (allows router admin from internal network)
Firewall: Enable inbound port 8080 (which was forwarded above to SunPower’s port 80)
Go into Advanced settings (the LuCI screens): Under Network/Firewall, change the zone settings for zone “wan”: Add lan to the “covered networks” list and change “Input” to “Accept”. I don’t understand all of the details here, but my port forwarding didn’t seem to work until I did this.
Mount the router in the SunPower box, plug the power connector to the USB port and the LAN connector to the installer port.
Back on my main router configuration, assign an IP to this travel router (which should be connected via Wi-Fi now).
Configure the SunPower integration (the krbaker/hass-sunpower integration added via HACS) to use my assigned local IP at port 8080 (in my case: 10.10.40.10:8080).