Serial Forwarding

abuashie · February 5, 2021, 5:29am

hello everyone,

i am using several LS300 , LX60 , and RV50X.

all above models share same template which is defined at Aleos under Serial Tab as follows :

Startup Mode: TCP
Device Port : 16889
Destination Port : 16889
Destination Address : 10.50.60.26

and the IP of 10.50.60.26 is the Server static VPN IP , which means , all traffic from all modems to be forwarded to that server.

All Modems have static VPN IPs, when i connect from any modem and tried to get the serial traffic from any other modem it succeed .

i am wondering why modems can forward the Serial Traffic to any IP despite the fact that modems are programmed to forward its Serial Traffic to the specific IP .

Thanks in Advance

jerdung · February 5, 2021, 10:10am

Hi abuashie,

Could you please help to check security configuration on your VPN server (such as port forwarding) if it was correct?

Thanks,

abuashie · February 5, 2021, 1:45pm

hello @jerdung.

yes , it is correct , my VPN server is just a PC connected with a modem and having an IP of : 10.50.60.26.

just wondering why modems (they also having static VPN IPs ) can respond to any TCP traffic from any VPN pool.

B.R

abuashie · February 5, 2021, 1:49pm

No Port Forwarding on the VPN server.

it is a VPN microwave link connected to a PC and a firewall in the middle.

jerdung · February 24, 2021, 8:38am

Once VPN is up, your remote site can access all the devices in the local network. If you want to restrict a specific connection from/to modems, please try to config firewall rule on your VPN server or you can try to config Trusted IPs in Security tab on ACE Manager.

abuashie · February 24, 2021, 9:00am

dear brother,

if VPN server is off , i still can get traffic , which means , serial forwarding donot just forward serial traffic for the VPN server .

jerdung · March 3, 2021, 11:21am

Hi abuashie,

Are all modems and your PC have the same subnet 10.50.60.x ?

Have you tried “Trusted IPs” in Security tab on ACE manager?

abuashie · March 3, 2021, 11:50am

modems have static IPs of:
10.79.53.1~254 and 10.79.194.1~79
Microwave Link of the server has static IP of:10.50.60.26

all above IPs are interconnected inside a VPN pool.

i am just wondering why modems can forward the serial traffic to any request IP within the VPN pool even though modems are programmed to forward the Serial Traffic to 10.50.60.26…

jerdung · March 4, 2021, 10:08am

Hi abuashie,

Your configuration in Seiral tab is to define the destination(address/port) to which the packets are sent. It’s not the way to restrict the packets.

If modems are visible to each other and there is no configuration related to security( such as firewall rule) the traffic can be passed through them.

abuashie · March 4, 2021, 10:42am

it means if a self originated serial traffic goes to modem, it is forwarded to 10.50.60.26.

if a request comes from other than 10.50.60.26 IPs that request a serial Traffic responding, the modem normally replied that asking IP.