Problem getting Port Forwarding to work

Hi All,

(Module Q2686RD, F/W R7.46, OS 6.35, WIP 5.42)

I cannot get Port Forwarding to work (wip_ipFwdEntryAdd) and I wondered if anyone out there has managed to use it successfully.

Using (basically) Internet gateway code on my unit, I can successfully get a laptop to connect to the web i.e. a LAN to WAN connection using the NAT functionality in the code. I tried this with the DHCP turned ON and also OFF in the code. My SIM is one with a public, static IP address and can be externally accessed (as if it was a server). I added the port forwarding code using the wip_ipFwdEntryAdd function, creating a route between the WAN and the LAN, but it does not appear to work. I have tools to monitor the IP address and ports on both the WAN and LAN sides, and I get no data at the LAN end when sending data to the WAN end.

Can anyone please help? Has anyone used this function?

Many thanks,
Mike

Hi All,

Just to give you an update in case anyone else has this problem…

I got it working OK. The problem was that, for the public IP in the port forwarding entry, I was using the public IP address instead of using the SIM’s IP address. The SIM’s IP address is the one on the private side of the provider’s APN.

Hello Mike,

Can you elaborate a little bit more what you have done?
How did you get the “public IP address” ( WIP_BOPT_IP_ADDR ? ), and how did you get the “SIM’S IP address”?

thanks,
tom

Hi,

We obtained a SIM with a special account. The SIM has a public IP address, and a private one. Both these addresses were given to us by the service provider when we obtained the SIM. The port forwarding routine uses the private SIM address.

Cheers.

Hello Mike,

I am still confused. :frowning:

Do you mean you have bought a private APN so you can connect to the SIM froum outside?

Usually ( not with all providers) the public APN cannot be accessed from outside.

But as i understand well you say that every SIM has a public IP address and a private IP address.

There should be a way to get the private IP address from OpenAT code!

Would you help me to clear things out?

Cheers,
BR
tom

Hi Tom,

To make things really simple… forget what I said about public and private IP addresses, it just adds to the confusion.

The fact is that the IP address required for the port forwarding can be read from wip_bearerGetopts, and is WIP_BOPT_IP_ADDR. This is available after attaching to the GPRS bearer. Use that one.

Regards,
Mike

Hello MIke,

Thanks for your answer. just to clarifiy things for everyone and for me because i could not get it work…

In case of reaching a web server on the local ethernet network:

rets32 = wip_ipFwdEntryAdd( "destination_ip_adress_on_ethernet", 80,
						"gateway_gprs_ip_address", 80, IPPROTO_TCP );

It returns OK.

I also enabled the IP forward in NetInit

wip_netInitOpts ( WIP_NET_OPT_DEBUG_PKT_MAXLEN, 1500,
					  WIP_NET_OPT_DEBUG_PORT, DEBUG_PORT_WIP,
					  WIP_NET_OPT_IP_FORWARD, TRUE );

Do i have to set WIP_BOPT_EXTNAT on GPRS network?

Do i have to do anything else?

Many thanks for your answers! Unfortunately there is no sample code about the port forwarding and there is no debug info about the port forwarding. ( only the the return value of the wip_ipFwdEntryAdd() function) It would be also useful to know how many bytes are transmitted or received on the port forwarding port.

Cheers
tom

Hi Tom,

Yes you have to set WIP_NET_OPT_IP_FORWARD to TRUE. The rest of the things that you wrote seem correct.

I do not know how to count bytes sent in port forwarding, sorry.

Cheers,
Mike

Hello,

My module: Q2698 with R7.52 firmware

I have a problem with port forwarding too.
I followed your instructions.
On the GPRS side I use SIM card with public IP address. On the LAN side modem is connected to the router. Ehternet interface in modem has a static IP address assigned by wip_bearerSetOpts function (WIP_BOPT_IP_ADDR).
The device is visible on the LAN network (Responds to PING request).
I set WIP_NET_OPT_IP_FORWARD flag to TRUE in wip_netInitOpts function. When connected with GPRS I set flag WIP_BOPT_EXTNAT to TRUE, to Enable the NAT for GPRS interface.
I use Wireshark to monitor packets on the WAN and LAN side. Packets pass from WAN to LAN, but on the LAN side they don’t have changed the source IP address. Source IP address is still the addres from the WAN, not the LAN modem address.
This means that packets reach the recipient on the LAN, but don’t go back to the modem. The router doesn’t know what to do with them, because sender IP addres is outside the LAN network.
I don’t know why the WAN addresses are not converted to the LAN modem IP address.

Does anyone know what I’m doing wrong?
Regards
EG

I am experiencing the same problem as mstrbg. On the LAN, the first TCP SYN packet source address is public source IP instead of LAN private.

Yes, I know the FXT009 is EOL and new OS is not any more. I just want to know, is this known bug or is there some parameter I am missing.

You are looking for NAT.

Yes, I am using port forwarding (NAT) feature.

Port forwarding works. Default gateway settings in destination device was not set correctly.