Port Forwarding 443 Forwards to the WebUI of the Router Instead of the Internal Server
Port Forwarding 443 Forwards to the WebUI of the Router Instead of the Internal Server
Hi,
I have ER605 managed by Omada Controller.
Under Transmission - NAT, I configured the following Port Forwarding rule:
Source = any, Interface - WAN1,WAN/LAN1, source port = 443, destination = 192.168.0.201:32400.
When I browse to the external IP of my router, I'm getting the WebUI of the ER605 instead of my internal server 192.168.0.201.
Please advise the rule above doesn't forward the traffic to the internal server.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @Zosha
Thanks for posting in our business forum.
Zosha wrote
This is an operational server and it's working from LAN and VPN remote access. What's not working is the port forwarding. I made a NAT rule WAN IP:32400 => 32400 - working. The question is how do I make it work WAN IP 443 => LAN 32400.
Can you export the backup for me? If you are okay with this, let me know and I'll create the case for you.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Hey Zosha, I had a similar issue but I had my own work-around which may/may not work for you based on your application. My work-around is to create a custom "external" port to forward to my internal well-defined port 80 (in theory, it should work with 443 or any other well-defined ports too)
Let's say I have an Internal Server (AdGuard, PiHole, etc), instead of accessing them using my "wan ip", I access them using "wan ip:custom port" and I forward that to any local port (80, 443, etc. etc).
I have a video about it, this link starts midway towards the configuration.
Good hunting!
- Copy Link
- Report Inappropriate Content
Hi @Zosha
Thank you so much for taking the time to post the issue on TP-Link community!
To better assist you, I've created a support ticket via your registered email address, and escalated it to our support engineer to look into the issue. The ticket ID is TKID231100786, please check your email box and ensure the support email is well received. Thanks!
Once the issue is addressed or resolved, welcome to update this topic thread with your solution to help others who may encounter the same issue as you did.
Many thanks for your great cooperation and patience!
- Copy Link
- Report Inappropriate Content
Thank you, @Clive_A
- Copy Link
- Report Inappropriate Content
Hi @Zosha
Thanks for posting in our business forum.
Zosha wrote
Thank you, @Clive_A
In response to your created ticket, I am writing here and in the email at the same time and let you know the result from the test team.
Test team has reported that they DID NOT run into any issues with the port forwarding with your backup. They imported what you have in their test environment. Same firmware and controller version.
Both rules you created can work well without any issues at all.
First entry, WAN and WAN/LAN1, limited SRC IP and DST_IP_Port 192.168.0.201:32400 and SRC_Port using 80, 443 and 32400 can access from external network(WAN) and from LAN.
Second entry, without any limitations on the SRC IP, same config for the rest of them, 80, 443 and 32400 can be accessed from both WAN and LAN.
So, here's the test team's question, are you referring to the situation where you access the WAN-IP from LAN without specifying the port number(in the format of 1.2.3.4) and having trouble with this?
The test team said if it is the situation, then indeed, you cannot access the web interface of the Plex.
- Copy Link
- Report Inappropriate Content
Hi @Clive_A,
My use case is the following:
HTTPS://<WAN-IP> => https://<INTERNAL-SERVER>:32400
What happens today is that I get the WebUI of the ER605 instead of https://<INTERNAL-SERVER>:32400.
- Copy Link
- Report Inappropriate Content
So, I would appreciate it if you could read the reply above. We failed to reproduce the issue. Port forwarding 80 and 443 can work with your backup.
If you want to explain this further, you can record your screen and illustrate this issue to the dev. If you want to have a remote session with us, I can probably ask the test team and arrange one remote with you guys.
Update:
In addition, the test team told me that in your config, if the source IP is set to 443, and you access it from the WAN, either with HTTPS or 443 with the WAN IP, you can access the internal-server:32400.
- Copy Link
- Report Inappropriate Content
@Zosha Did you ever get this resolved? I'm also running an ER605 with an Omada OC200 controller. Trying to get Kemp load balancer to work on my network. Anytime I have port 443 forwarded to my load balancer my internet connection just stops working. I'm not seeing the router login page though. I have a ton of Omada h/w. Starting to regret my purchase decision and am seriously thinking about going back to my three Asus routers running in mesh mode. It could be me.
- Copy Link
- Report Inappropriate Content
Hi @IrvineDave
Thanks for posting in our business forum.
IrvineDave wrote
@Zosha Did you ever get this resolved? I'm also running an ER605 with an Omada OC200 controller. Trying to get Kemp load balancer to work on my network. Anytime I have port 443 forwarded to my load balancer my internet connection just stops working. I'm not seeing the router login page though. I have a ton of Omada h/w. Starting to regret my purchase decision and am seriously thinking about going back to my three Asus routers running in mesh mode. It could be me.
Start a new thread, draw your diagram and we start from there.
Like the solution in it, we don't reproduce this and it is not a problem with the functionality. Also, please read the port forwarding troubleshooting guide and reply to me the result of each suggestion.
If you have doubt in the product, you can return it before things get messy. Sometimes, we need you to cooperate to debug and reproduce it.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 2148
Replies: 20
Voters 0
No one has voted for it yet.