Having issues with port forwarding on a gl-inet gl-x750 spitz. I use LTE to get wan.
As a test, I set a static ip for a laptop running nginx. This laptop does not have a firewall running. I can access the nginx page on a laptop connected to the same lan.
$ nc -v 192.168.100.189 80
nginx.home.lab [192.168.100.189] 80 (http) open
Then in luci I go to firewall and port forwarding as shown in screenshot. I also attached my firewall general settings.
It does not work.
curl inpinfo.io to get my public ip and then I run the netcat command with that ip, but it simply times out:
$ nc -v my-public-ip-here 80
my-public-ip-here [my-public-ip-here] 80 (http): Connection timed out
What could I have missed? Where can I see debug messages for this?
ISP not allowing incoming traffic ?
Hmm true, did not check that. Can call and check with them.
Btw, I have enabled logging for the LTE interface, I did not think it was logging anything, but seems there's something after all:
root@router:~# logread | grep -i wwan0
Mon Nov 14 10:47:23 2022 kern.warn kernel: [ 155.596128] reject wan in: IN=wwan0 OUT= MAC= SRC=XXX.XX.XXX.XXX DST=XX.XXX.XX.XX LEN=98 TOS=0x10 PREC=0x20 TTL=52 ID=44618 DF PROTO=TCP SPT=443 DPT=55966 WINDOW=501 RES=0x00 ACK PSH URGP=0
Mon Nov 14 10:47:23 2022 kern.warn kernel: [ 155.614076] reject wan in: IN=wwan0 OUT= MAC= SRC=XXX.XX.XXX.XXX DST=XX.XXX.XX.XX LEN=83 TOS=0x10 PREC=0x20 TTL=52 ID=44619 DF PROTO=TCP SPT=443 DPT=55966 WINDOW=501 RES=0x00 ACK PSH URGP=0
Mon Nov 14 10:47:23 2022 kern.warn kernel: [ 155.632012] reject wan in: IN=wwan0 OUT= MAC= SRC=XXX.XX.XXX.XXX DST=XX.XXX.XX.XX LEN=52 TOS=0x10 PREC=0x20 TTL=52 ID=44620 DF PROTO=TCP SPT=443 DPT=55966 WINDOW=501 RES=0x00 ACK FIN URGP=0
Is this related to something else or possible I can reach it? The time matches when I was testing some stuff. I can not get it to reproduce at the moment when trying to run netcat again. The DST ip is my internal IP for the LTE interface so that makes sense, SRC IP I do not recognize.
Edit: Hmm, seems to pop up sometimes and SRC ip is always different so far.
It's quite rare for LTE to issue public IP addresses to customers, are you sure that your public IP address is really public?
Contacted my ISP and I needed to change the APN, the default one does not have a public address enabled. Changed the APN value for the interface in Network > Interfaces as they instructed and now it works.
Thanks guys for making me check with my ISP.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.