Home/Support/Support Forum/How to correctly port forward on DIGI Transport WR44v2
Welcome to Digi Forum, where you can ask questions and receive answers from other members of the community.

How to correctly port forward on DIGI Transport WR44v2

0 votes
I have two DIGI WR44v2 modems both with identical firmware (latest). For some reason, I am unable to correctly port forward to another device on the same network. Here is my modem specs:

Model: TransPort WR44v2
Part Number: WR44-L500-CE1-RD
Firmware Version: 5.2.15.4 (Jun 22 2016 12:24:12)
SBIOS Version: 7.56u
Build Version: LW
HW Version: 2204a

Each DIGI has its own static PPP cellular modem and have access through the internet on ETH 0.
On, ETH 0:
- DHCP Server is enabled (192.168.1.100 to .119) (DHCP Server > DHCP Server for Ethernet 0)
- ETH 0 Interface using the following address 192.168.1.1 (Interfaces > ETH 0)

My device to port forward to has an address of 192.168.1.30/24. I can reach this device locally with no problems. The device requires 13000-13002 forwarded.

Steps:
- I have configured ETH 3 for a 192.168.1.20/24 address, DNS & gate:192.168.1.1
- Enable NAT IP address and Port is ON (ETH3>Advanced)
- (checked) DCHP not enabled for ETH 3
- IP Port Forwarding/Static NAT Mappings: I tried a few different combinations of ExternalMinPort, ExternalMaxPort which need to forward to 192.168.1.30
- An example is 13000 13000 192.168.1.30 80 (Min/Max/IP/Forward)
- (checked) Enable NAT IP address and Port is ON (Mobile > Mobile Settings)
- (checked) Enable firewall on this interface is OFF (Mobile > Mobile Settings)
- (checked) Enable firewall on this interface is OFF (ETH 3 > Advanced)
asked Sep 7, 2016 in Digi TransPort Cellular by gcaloyloy New to the Community (1 point)
edited Sep 7, 2016 by gcaloyloy

Please log in or register to answer this question.

2 Answers

0 votes
Hi

the first thing to check is if the router is configured in Hub Mode or Isolate mode.

If you can issue the "ID" command at the top of the list off modules you should see

Ethernet Hub Driver Revision: 1.11

or

Ethernet Port Isolate Driver Revision: 1.11

if the device is in a HUB mode all of the interfaces on the back of the router are connect together and are assosiated with the Eth0 instance. if this is how you have the router configured you do not need to add eth3.

Port forwarding needs to be enabled on the PPP interface and as you are doing port change from EXT to INside you need to use NAT IP and Ports
if the NAT setting is changed to make sure the setting is used the PPP instance will need to be reconnected for the change to start working


the nat configuration is correct.

if in isolate mode this is more of an issue as you have 2 interfaces with the same netwprk/subnet and the router could have problems working out what you want it to do

1 common problem is that the target device is not correctly configured with a default gateway of the transport this can cause the device not to respond to request coming from the internet. to get round this you can enable NAT on the eth 0 interface and this allows the target device to think the request is from the routers eth0 address which it can talk to .

to check to see what is happening you will have to use the analyser to see if the packets are coming in from the internet on PPP / and goin out on ETH0 / 3 and if there is any return traffic

first login to the WEB interface but use the alternative interface 192.168.1.1:8080
This allows the tracing of port 80 traffic will not include all of you interactions with the router
to do this you need to enable analyser in the web interface
change packet size 1500 / logsize 180
switch off all entries
under IP Source enable PPP 1 / ETH 0 and ETH 3
in the TCP/UDEP port enter the port number intrested "~80,13000,13001,13002"

apply settings.

now clear the trace in the box bellow settings and then connect over the internet to the router
you should then resfresh the trace and see what is happening

BIG NOTE
If your router has a public address you should enable firewall to protect your router and allso change the default username/password ot you will find your router compromised

regards
answered Sep 8, 2016 by James.Wilson Veteran of the Digi Community (1,225 points)
0 votes
Hello James,

Thanks for all the information above. This cleared a lot of questions I had regarding the DIGI itself.

The device I have is complaining about UDP not being connected, although I have all my ports needed mapped.

The vendor has asked me to check if "SIP ALG" is NOT activated. Where can I find this setting?

Here is the ports from the vendor:

port number protocol function
13000 UDP SIP(change this port number in both ends if you are using SIP based IP-telephony)
13001 UDP RTP, audio
13002 UDP DATA channel, control commands
80 TCP WEB interface (*)
23 TCP Telnet Interface

(*) I tried changing this in the device to 8000 and adjusting my port forwarding and unable to reach the device. How do I get this to work for 8000?
answered Sep 8, 2016 by gcaloyloy New to the Community (1 point)
edited Sep 8, 2016 by gcaloyloy
...