Intranet not reachable through static IP

Installing and Using OpenWrt Network and Wireless Configuration
1

Need some help, pls. Setup is a Fritz Box from Unitymedia which provides a static IP and wired to that a Linksys Router (OpenWrt Chaos Calmer 15.05.1). I can reach the internet fine, whatsmyip shows the static IP. Interfaces - WAN: static_ip

So far so good. But unfortunately I'm unable to reach any service behind my Linksys Router. My last ISP set me up with a modem that could be put into bridge mode, no static IP though. I had no trouble accessing i.e. my DiskStation through the corresponding ports.

What do I need to change to reach my intranet services via the static IP? Thanks!

2

Likely your IP...but you blocked it out.

Is that IP identical, or in the same range as the IP of the Linksys?

3

Why mask : 255.255.255.252 and not 255.255.255.0 ?

4

Forwarding, i.e.: port_fw

5

That's what my ISP told me too do and it seems to work.

6

Not the same IP. The static IP is provided by the ISP. Linksys is on 192.168.1.1
Would have liked to post more screenshots but my "level" doesn't seem to permit it (yet?).

7

My settings

Interfaces - LAN: router
Interfaces - LAN, Physical Settings: router_physical
Zones: zones

8

Wait...are you saying that:

Fritzbox <> Linksys <> LAN

You want to reach devices on LAN from Fritzbox?

Did that Port Forward work for you?

9

Yes: Fritzbox <> Linksys <> LAN

You want to reach devices on LAN from Fritzbox?

I would like to get through to my DiskStation on LAN form WAN.

Did that Port Forward work for you?

Yes, the forwarding used to work fine when the setting still was: Modem in bridge mode <> Linksys <> LAN

10

So your issue is with the Fritzbox, correct?

Did you make a Port Forward there?

11

Globally routed IPv4 is limited and the smallest routable pool is /30.

12

I really don’t know where the problem lies. The ISP helpdesk (Unitymedia) told me port forwarding needs to happen on the router. So I assumed the Fritz Box doesn’t need any further configuration.

Nevertheless I tried forwarding from the Fritz Box to the Router but that didn’t solve the issue. Didn’t change the port forwarding in the router that used to work with the modem in bridge mode.

13

Add port opening for SSH/HTTP/HTTPS on OpenWrt in firewall WAN-zone.
Check your public IP with some port-scanner service from the internet.
Better if it supports service fingerprint detection.
You should see something like this:

# nmap -sV -p22,80,443 localhost
Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-12 12:24 MSK
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00011s latency).
Other addresses for localhost (not scanned): ::1

PORT    STATE SERVICE  VERSION
22/tcp  open  ssh      Dropbear sshd (protocol 2.0)
80/tcp  open  http     LuCI Lua http config
443/tcp open  ssl/http LuCI Lua http config
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 12.57 seconds
14

The IP checks out fine. All ports show as closed when I scan for them, any idea why? See above the screenshot of my "Firewall - Port Forwards" settings.

15

So you have set port opening and it still shows closed ports?
Then that's not fine, something blocks the traffic and it's not OpenWrt.

16

You were absolutely right, the Fritz Box was the culprit. I was giving up on the whole static IP setup but in the end Unitymedia Helpdesk walked me through a seemingly arbitrary ritual of resetting and rebooting the Box. It resulted in the Fritz Box assigning the static IP to my router which is now reachable as an exposed host.
Didn’t change OpenWrt’s setup, port forwarding is working fine (again).

Thank you!

1 Like
17

This is sometimes called IP pass through, and is the closest thing to bridge mode on some devices. Glad you got it working.

18

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.