The primary router is a Huawei F670 acquired from the ISP and the secondary router is in an NSA Sonicwall firewall.
Yes, I've read this post and this post yet I didn't understand a thing.

This is my simplified network architecture

I've already configured a NAT policy in the NSA that goes from the primary router (192.168.1.1, 123.11.123.11) to the server (10.1.0.125) on port xxxx and the reverse policy.
I've already configured the firewall rules in the NSA that allow connection from the primary router to 0.125 and the reverse rules.
I've already configured port forwarding rules in the primary router to forward port 2234 from the public IP directly to 10.1.0.125.

The situation now is that anything on the internet is unable to access my server on port 2234, and neither can the clients in the primary router network.
But 10.1.0.121 could ping all of the network clients above them and could access my server through port 2334 through my router's public IP.

I suspect there is a problem with the F670 configuration that disables the connection to the child network, or the F670 doesn't know how to get to 10.1.0.125. Yet I don't know how to fix it.
Any help would be appreciated, thanks!

  • Why are you doing double NAT? Don't do that. Use normal routing. – Michael Hampton Jul 28 '21 at 17:13
  • The Huawei modem router provided by the ISP locked the bridge mode option, there is actually a config to enable that but it is prohibited by the ISP – Gibran Sansadewa Asshadiqi Jul 28 '21 at 17:18
  • This sounds like a question that is a better fit at [superuser.com](https://superuser.com). – vidarlo Jul 28 '21 at 17:20
  • Questions on Server Fault must be about managing information technology systems in a business environment. Home and end-user computing questions may be asked on Super User - I flagged this question for movement due to being plainly off-topic on Server Fault – djdomi Jul 29 '21 at 05:54
