Serial Forwarding

hello everyone,

i am using several LS300 , LX60 , and RV50X.

all above models share same template which is defined at Aleos under Serial Tab as follows :

Startup Mode: TCP
Device Port : 16889
Destination Port : 16889
Destination Address : 10.50.60.26

and the IP of 10.50.60.26 is the Server static VPN IP , which means , all traffic from all modems to be forwarded to that server.

All Modems have static VPN IPs, when i connect from any modem and tried to get the serial traffic from any other modem it succeed .

i am wondering why modems can forward the Serial Traffic to any IP despite the fact that modems are programmed to forward its Serial Traffic to the specific IP .

Thanks in Advance

Hi abuashie,

Could you please help to check security configuration on your VPN server (such as port forwarding) if it was correct?

Thanks,

hello @jerdung.

yes , it is correct , my VPN server is just a PC connected with a modem and having an IP of : 10.50.60.26.

just wondering why modems (they also having static VPN IPs ) can respond to any TCP traffic from any VPN pool.

B.R

No Port Forwarding on the VPN server.

it is a VPN microwave link connected to a PC and a firewall in the middle.

Once VPN is up, your remote site can access all the devices in the local network. If you want to restrict a specific connection from/to modems, please try to config firewall rule on your VPN server or you can try to config Trusted IPs in Security tab on ACE Manager.

dear brother,

if VPN server is off , i still can get traffic , which means , serial forwarding donot just forward serial traffic for the VPN server .

Hi abuashie,

Are all modems and your PC have the same subnet 10.50.60.x ?

Have you tried “Trusted IPs” in Security tab on ACE manager?

modems have static IPs of:
10.79.53.1~254 and 10.79.194.1~79
Microwave Link of the server has static IP of:10.50.60.26

all above IPs are interconnected inside a VPN pool.

i am just wondering why modems can forward the serial traffic to any request IP within the VPN pool even though modems are programmed to forward the Serial Traffic to 10.50.60.26…

Hi abuashie,

Your configuration in Seiral tab is to define the destination(address/port) to which the packets are sent. It’s not the way to restrict the packets.

If modems are visible to each other and there is no configuration related to security( such as firewall rule) the traffic can be passed through them.

it means if a self originated serial traffic goes to modem, it is forwarded to 10.50.60.26.

if a request comes from other than 10.50.60.26 IPs that request a serial Traffic responding, the modem normally replied that asking IP.