How to properly set access to the services on the LAN? Archer C6

How to properly set access to the services on the LAN? Archer C6

How to properly set access to the services on the LAN? Archer C6
How to properly set access to the services on the LAN? Archer C6
2 weeks ago - last edited 2 weeks ago
Model: Archer C6  
Hardware Version: V3
Firmware Version: 1.0.16 build 20230828

How to set properly access to the local services? I have Raspberry pi as TV server using ports 9981,9982. I have no access to it from local PC when firewall is set on on the router. It is working when I add TV server to the DMZ. But I want acces to the different device on the LAN to, and there is place only for one on DMZ. And I do not want to allow free  access to all ports from WAN. I can set NAT rules for access from WAN to specific ports, and I believe it will be OK for access from remote device to local server. But what about local device to local server? I didn't find the way how to open specific port on LAN.

  0      
  0      
#1
Options
1 Accepted Solution
Re:How to properly set access to the services on the LAN? Archer C6-Solution
2 weeks ago - last edited 2 weeks ago

  @Joseph-TP 

Hi Joseph

Thanks for the reply

My router is connected to WAN by ethernet. Connectivity provided by local interest group. So topology is:

 

WAN <---> 10.92.4.40 (DHCP client) TP-Link 192.168.1.1 (DHCP server) WiFi local net  

 

Clients connected to the TP-Link by WiFi:

192.168.1.240 LibreElec (DHCP IP reserved on TP-Link)

192.168.1.109 Dochy-Lenovo (DHCP, dynamic)

(and other 3-4 not relevant for the case)

 

Connection to LibreElec was initiated from Dochy-Lenovo PC every time by using IP address.

 

When I wanted to check all details before replying, I realized that all is working now even if I removed LibreElec from DMZ.

At this point it looks like we can end this conversation. 

I have no idea why I had issues I described before and I think I am not able to find the reason as it looks good now.

 

so thanks for you effort and I will provide more information if problem occurs again.

Have a nice day

Dochy

Recommended Solution
  0  
  0  
#3
Options
2 Reply
Re:How to properly set access to the services on the LAN? Archer C6
2 weeks ago

Hi  @Dochy,

 

Port forwarding on a router is a technique that is used to allow external devices access to services on private networks. This is typically used for gaming, running a web server, or for some peer-to-peer file sharing systems. The port forwarding feature is only available when the router is working in Router Mode.
You may log in to rotuer's Web management page and go to Advanced > NAT Forwarding > Port Forwarding/Virtual Server/DMZ to configure it. You can set up to 32 entries.
If you are using port forwarding and DMZ host at the same time, please note that port forwarding rules have greater priority than DMZ.
This FAQ provides the detailed instructions on configuring port forwarding based on different router models: https://www.tp-link.com/support/faq/1379/
Additionally, here are some tips for you if port forwarding doesn't work:
    1. Make sure the server is accessible from the internal network.
    2. Make sure your router obtains the public WAN IP address, if your WAN IP is not a public one, port forwarding will not work. (CGNAT address is also private IP address that ranges from 100.64.0.0 to 100.127.255.255.)
    3. Check the firewall settings of your server, make sure it allows traffic from the outside Internet.
You may check more detailed instruction following the FAQ: Why port forwarding feature is not working

 

 

In order to better locate the problem, can you provide more details? For example, what are your specific usage requirements and scenarios? Please provide relevant screenshots of the specific settings.

 

May I know if your network topology diagram is as follows:

Cable modem—router—main deco )))((( client devices

(Note: — stands for wired connection,)))((( stands for wireless connection )

  0  
  0  
#2
Options
Re:How to properly set access to the services on the LAN? Archer C6-Solution
2 weeks ago - last edited 2 weeks ago

  @Joseph-TP 

Hi Joseph

Thanks for the reply

My router is connected to WAN by ethernet. Connectivity provided by local interest group. So topology is:

 

WAN <---> 10.92.4.40 (DHCP client) TP-Link 192.168.1.1 (DHCP server) WiFi local net  

 

Clients connected to the TP-Link by WiFi:

192.168.1.240 LibreElec (DHCP IP reserved on TP-Link)

192.168.1.109 Dochy-Lenovo (DHCP, dynamic)

(and other 3-4 not relevant for the case)

 

Connection to LibreElec was initiated from Dochy-Lenovo PC every time by using IP address.

 

When I wanted to check all details before replying, I realized that all is working now even if I removed LibreElec from DMZ.

At this point it looks like we can end this conversation. 

I have no idea why I had issues I described before and I think I am not able to find the reason as it looks good now.

 

so thanks for you effort and I will provide more information if problem occurs again.

Have a nice day

Dochy

Recommended Solution
  0  
  0  
#3
Options