GX400 Behind NAT Router

I have a GX400 with ethernet connection to a Billion 7800 internet modem router. I cannot browse to the gx400 from outside my network. I’ve run out of settings to change.

[attachment=0]topology.jpg[/attachment]
edit - my image attachment didn’t work. Its a simple network. A modem router with wired internet connection, static ip address, with gx400 and webserver attached. I attach a netbook with dynamic ip address.

The webserver and GX400 have static ip addresses in the same non-routable range as the Billion modem/router (192.168.1.0 - 192.168.1.255). Port forwarding in the Billion works for port 80 on the web server. I can browse the web server. I cannot browse the GX400 from outside my network.

On the Billion I can perform the following tests:-
external port 80 to web server port 80 works
external port 9191 to web server port 80 works
external port 80 to gx400 port 9191 port is not open at browser, hairpin to gx400 works
external port 9191 to gx400 port 9191 port is not open at browser, hairpin to gx400 works

By hairpin I mean browsing to gx400 from within my network using the routable static ip address of the Billion. The same uri I would use from outside my network.

It makes no difference whether the gx400 static address and mac address is added to the Billion static list or arp static list. Port forwarding tcp or tcp/udp makes no difference. There are no firewall restrictions in the Billion or with my ISP (I had to remove some).

gx400 has following settings:-
DHCP/Addressing Host Connection Mode - All Hosts Use Private Ips
Setting of Ethernet uses public Ips doesn’t change anything

LAN Address Summary -
Interface Device IP Subnet Mask Access Internet DHCP Server Mode Starting IP Ending IP
Ethernet 192.168.1.102 255.255.255.0 Yes Disable 192.168.1.0 192.168.1.254

Host Port Routing - default, no entries.

gx400 DMZ Enabled - disable
gx400 Port Forwarding - disable
gx400 no port or mac filtering, no trusted ips, no packet inspection

gx400 has Lua software installed with a webserver on port 8089. Behaves same as port 9191 for browsing. Hairpin works, browse from outside doesn’t.

This is one of those “it should be simple” things. Has anyone else got a configuration for gx400 that will work? What am I missing?

I’ve yet to try with a different modem/router.

My work around at the moment is a proxy running on the webserver which passes requests from external browsers to the gx400 and back.

Its on Page 35 of Aleos 4.3.5 manual which has “Enterprise LAN Management” to connect through modem router.

It says “Configure the router to use Network Address Translation (NAT).” which I have done.

misunderstood ALEOS manual description of hairpin.

What I meant is that from my netbook with 192.168 address on my network with GX400 with 192.168 address I can browse to my static ip address 124.148.nnn.nnn:9191 and log into ACE on the GX400.

What I can’t do is browse to my static ip address from outside my network and see the GX400.

If I port forward (in my modem) port 9191 to my web server I can see the web server from inside and outside my network.

Frustrating.

tried a different modem. Same outcome.

Wireshark shows tcp request forwarded to gx400.

No response to requests from outside local network.

general conclusion - the gx400 ethernet connection may be blocking any public ip address. Which seems a bit odd as it has firewall included (all disabled).

Does anyone know?

with a lot of help from Aus support problem resolved in Aleos 4.4.1 with DHCP “auto”.