Assistance Needed: Port Forwarding Issue

Started by Cipher, December 10, 2024, 03:39:29 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 10, 2024, 03:39:29 PM
Hi All,

I hope you're doing well.

We've encountered an issue with port forwarding for our cameras. After enabling port forwarding (NAT port to the camera recorder), it causes our WireGuard VPN and external access to the GUI to stop working. However, when we disable the NAT ports, everything starts working again.

Could you advise who might be able to help resolve this issue? Additionally, is it necessary to port forward or NAT the camera port to maintain all services functioning properly, or is there an alternative configuration we should consider?

Looking forward to your guidance.
Happy Owner DEC3862
A network is only as strong as its weakest link—build wisely, secure thoroughly, and optimize endlessly.
December 10, 2024, 04:05:57 PM #1
Please show your port forwarding rule in detail.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
December 10, 2024, 05:05:25 PM #2
Please find the attached.
the rule has been disabled for now.
Happy Owner DEC3862
A network is only as strong as its weakest link—build wisely, secure thoroughly, and optimize endlessly.
December 10, 2024, 05:13:47 PM #3
You need to set the destination port, too - probably 9109 and 9110, respectively. The rules as configured forward all ports including your WireGuard traffic and UI access to the internal destination.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
December 11, 2024, 06:32:07 PM #4 Last Edit: December 11, 2024, 06:56:01 PM by Cipher
Thank you for your answer, I appreciate it!

Good catch—it's something I hadn't paid attention to.

Would it be smarter to limit the incoming ports for WireGuard, or should I leave them open?
Happy Owner DEC3862
A network is only as strong as its weakest link—build wisely, secure thoroughly, and optimize endlessly.
December 11, 2024, 07:12:20 PM #5
If you need WireGuard VPN access to your network you obviously need to open the matching ports with an allow rule on WAN.  ;) This or I did not understand your question.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
December 13, 2024, 01:45:37 PM #6
Quote from: Patrick M. Hausen on December 11, 2024, 07:12:20 PMIf you need WireGuard VPN access to your network you obviously need to open the matching ports with an allow rule on WAN.  ;) This or I did not understand your question.

thank you for your answers.
your first answer has point me to the right direction. on the firewall WAN i had the wireguard ports on the destination port to any. i specified the incoming port too.
Happy Owner DEC3862
A network is only as strong as its weakest link—build wisely, secure thoroughly, and optimize endlessly.
Print
Go Up Pages1
User actions