Edge Router Lite Port Forwarding

xrs

xrs

Associate
Joined
16 Aug 2007
Posts
302
Dearest friends.
I need help!
I recently purchased an Edge Router Lite after numerous OC users extolled its virtues. Now it seems like a rather good router. It’s small and black. What more could one want from a router? Therein lies the problem. With a rather limited understanding of computer networking coupled with a limitless propensity for ignorance, I am unable to get the device to port forward.
I am trying to port-forward so that my burglar alarm (Texecom Premier Elite 24 Poly) can connect to the internet and inform me when someone tries to break in. No doubt to steal my ERL.
I don’t understand how to use the CLI so I am limited to the GUI.
Information:
Burgler alarm has a DHCP reservation of 192.168.1.4 and I need to open TCP port 10001…

ERL settings
Eth0 = my Lan port.
Eth1 = my Wan port.

I have affixed some pictures to illustrate my settings.

Please let me know if any more information is needed.

I would greatly appreciate any assistance!

1_zpsodmaca7w.jpg


2_zpsutiitbta.jpg


3_zpshgzehnat.jpg


4_zpsj2cjz45k.jpg


5_zps2ex51k01.jpg


6_zps5ejgqwie.jpg


7_zps3takrzpl.jpg
 
Associate
Joined
25 Jun 2009
Posts
1,260
Location
Guernsey
I don't have an ERL, so I'm guessing a bit, but from a quick glance it looks to me like you're setting up port forwarding there for traffic coming in from the outside world to your alarm. Whereas if you want your alarm to connect to the outside world (as your post states), you'll need to permit traffic on port 10001 to go out to the internet.
 

xrs

xrs

Associate
OP
Joined
16 Aug 2007
Posts
302
Thank you for the replies. Please feel free to ELI5!

There is no reason why hairpin NAT is enabled. I don't even know what it does.

How do I set up the ERL NAT rules to allow communication with the outside world? Would this be a rule created in the Add Source NAT rule section?
 
Don
Joined
21 Oct 2002
Posts
46,744
Location
Parts Unknown
Hi, I have this exact same router and I use port forwarding on it.

Did you use a wizard to set it up?
You should as it configures a lot for you.

After using the wan2lan2 wizard, all I had to do was that first screen that you showed
 
Caporegime
Joined
18 Oct 2002
Posts
26,053
You source IP won't be your WAN IP, it should be set to Any/All/whatever terminology Ubiquiti use. Same with the port - requests won't be coming from that port in any way that you can guarantee or predict. Those numbers should be in the destination part of the rules.

Also, if your burglar alarm just needs to communicate outbound then the Ubiquiti routers with the basic NAT config out-of-the-box are set up to allow this.
 
Last edited:
Soldato
Joined
5 Nov 2011
Posts
5,356
Location
Derbyshire
I'm wondering if it has anything to do with using all of the port forward, firewall input rule and setting up a destination NAT rule?
I don't have the router but that seems a little odd to me, port forwards on my Tik are handled exclusively by destination nat rules.

Also you shouldn't need to set up a port forward for your alarm to send stuff out from your network. Generally speaking routers let anything go outbound, maybe it's a setting on your alarm that needs tweaking, ie it needs SMTP details?
 
Don
Joined
21 Oct 2002
Posts
46,744
Location
Parts Unknown
Just to confirm, to succesfully port forward on mine, all I've had to do was this screen.

1_zpsodmaca7w.jpg


Are you 100% sure that your ETH0 and ETH1 ports are the right way round? :)

If you tick 'show rule stats', you should be able to test it.



-How does this alarm thing work, as said above, I would expect an alarm to reach outwards, which means you shouldn't need to port forward..

Or do you have some kind of monitoring tool on your phone that has to connect up to the system through port forwarding?


I would be tempted to flash 1.8.5 and wipe the device to start over. Run one of the setup wizards, then try port forwarding again.

-Also do you need to enable it in your Windows firewall?
 

xrs

xrs

Associate
OP
Joined
16 Aug 2007
Posts
302
I'm trying to get my Xbox One port forwarding working now, as there might be a setting within the Burglar alarm that needs to be changed. At least with the xbox I can see if the NAT is open at the moment.

I am 100% certain that eth1 and eth0 are the correct way around. I checked it 8 times. ;)

I am going to try and flash the newer firmware and start again!
 

xrs

xrs

Associate
OP
Joined
16 Aug 2007
Posts
302
Ok... So I reset the router.

Installed the latest and greatest firmware.

Set up the DHCP server so my xbox is 192.168.1.105.
Re did the NAT thing and clicked auto firewall.

Success...the Xbox is reporting an Open NAT. So hopefully it all seems to be working now! I don't know why the port forwarding was not working before :confused:
 

xrs

xrs

Associate
OP
Joined
16 Aug 2007
Posts
302
Ok, so the Burglar alarm is now connected to the internet! Great success. :D

In the burglar alarm app (used to arm/disarm the panel remotely), I had made the mistake of putting the local ip address instead of my WAN ip address!

I have two networks set up (temporarily). My wireless network which is DSL.

My wired network which is virgin. My iphone was on a different network, so of course was never going to see the local ip address of the burglar alarm on another network.

I'm an idiot! :D
 
Don
Joined
21 Oct 2002
Posts
46,744
Location
Parts Unknown
Glad you got it sorted.

Very impressed with mine, nice solid router.

Once they add an OpenVPN GUI, it will be perfect. (Yes, I know it can be done via commandline)
 
Back
Top Bottom