Port forwarding to the static IP machine on LAN does not work

So I have 2 LANs, #1 is and #2 is
Both LANs have their respective routers &
Some machines are set to obtain address via DHCP, some are statically configured.
The task I need to accomplish is to route traffic (VNC & HTTP) from machines on LAN 1 to the specific machines on LAN 2. Target machines have IPs statically assigned (ex:
To accomplish this I picked an old D-Link DIR-615 rev. I1, freshly flashed it with
LEDE Reboot 17.01.2 r3435-65eec8bd5f / LuCI lede-17.01 branch (git-17.152.82987-7f6fc16)
Now the setup I have is:
-- WAN ip is set to static (known to be out of DHCP scope on LAN #1)
-- LAN device IP is set to (known to be out of DHCP scope on LAN #2)
WAN ethernet is connected to the switch for LAN #1
LAN ethernet is connected to the switch for LAN #2
Port forwarding for the test is set to route all traffic from WAN port 8080 to the
(Initially I was planning to make a few different port mappings to hit different machines, ex: =>; => and so on.)
The problem is, when DIR-615 is not a DHCP server in LAN #2 the port forwarding does not work.
If I enable DHCP on DIR-615, and my machine gets assigned by DIR-615 DHCP everything is working perfectly fine.

I also thought it could be that DIR-615 does not have ARP record for if it doesn't hand out IPs, so I

  1. added
    to the /etc/ethers
    and I added
    sleep 30
    post-up arp -f /etc/ethers
    to the startup script on the DIR-615 UI.
  2. Connected test machine to the DIR-615 LAN ethernet directly.
    I can see in the logs the /etc/ethers gets picked up, DIR-615 can easily ping
    But port forwarding does not work.

What am I missing to make it work?
(I don't mess with networking on my job much, so sorry if this is a dumb question)

There are many things worth addressing here...

Why are you using a /8? This is unnecessary. A /24 is usually sufficient for most home network needs.

Why are you using 2 routers? Why not one with 2 lan subnets/VLANs?

Time to get a new device. LEDE 17.01 is very very old, and it is not safe to be used on the internet anymore (or with wireless) due to many serious security vulnerabilities. It has been EOL for ~4 years now, and is completely unsupported.

DHCP and port forwarding have nothing to do with each other, except insofar as the host getting an IP that is predictable.

So what is your DHCP server? It clearly needs to be configured such that it issues a lease for to the desired host. If you don't have a DHCP server, or if that address is out of the DHCP range, you can simply set a static IP on that host.

You need a SNAT rule if the router's IP is not the same as the LAN gateway.

Kudos LGA1150!
You made my day!
For anyone else searching for a solution:

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.
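
The SNAT advice in the thread, as an added example that is not taken from any post above: when the target host's default gateway is the other LAN #2 router, its replies to a forwarded connection bypass the forwarding router unless the source address is rewritten. The addresses, rule names and destination port 80 are constructed placeholders; only WAN port 8080 comes from the thread.

```conf
# /etc/config/firewall on the forwarding router (fw3 syntax).
# Constructed placeholder addresses (assumptions, not from the thread):
#   198.51.100.2   this router's address on LAN #2
#   198.51.100.50  statically addressed target host on LAN #2

# DNAT: connections arriving on WAN port 8080 go to the target's HTTP port.
config redirect
    option name 'fwd-http'
    option target 'DNAT'
    option src 'wan'
    option proto 'tcp'
    option src_dport '8080'
    option dest 'lan'
    option dest_ip '198.51.100.50'
    option dest_port '80'

# SNAT: rewrite the source of those forwarded connections to this
# router's LAN #2 address. The target then answers this router directly
# instead of sending the reply to its own default gateway, which never
# saw the original connection and cannot reverse the DNAT.
config redirect
    option name 'snat-http'
    option target 'SNAT'
    option dest 'lan'
    option proto 'tcp'
    option dest_ip '198.51.100.50'
    option dest_port '80'
    option src_dip '198.51.100.2'
```

With the SNAT rule in place the target host logs every forwarded connection as coming from the router's address, so per-client attribution has to be taken from the router's own logs. Scoping the rule to the single destination address and port keeps the rewrite from applying to other LAN #2 traffic.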