On Fri, 17 Oct 2025 21:06:37 -0400 "Roy J. Tellason, Sr." <[email protected]> wrote:
> On Thursday 16 October 2025 04:26:37 pm Joe wrote: > > On Thu, 16 Oct 2025 15:28:53 -0400 > > "Roy J. Tellason, Sr." <[email protected]> wrote: > > > > > This isn't strictly debian-related, so if there's a better place > > > for this feel free to point me at it and I'll try there... > > > > > > Back when my LAN was a workstation and a DSL modem, and a bit > > > later on a routher/firewall was added, and a server, then > > > later on a second workstation. Wifi was an old (now older and > > > very flaky) AP. These days wifi is also provided by the "modem" > > > (Hugesnet, who is completely useless for help on this) and it's > > > dual band and seems overall faster. > > > > > > The problem is when I'm using that wifi I have no access to my > > > local server, I can only get to it by way of the old flaky AP > > > that's internal to the LAN. > > > > > > Particulars: The "modem" is 192.168.1.1, the WAN side of the > > > router is 192.168.1.2, the server on the other side of the > > > router is 192.168.0.1, and the workstations get DHCP addresses > > > assigned when they connect, as do any devices (a couple of > > > phones and a tablet) that connect to the wifi. Is there any > > > simple way to get that external wifi to point to my internal > > > server when a 192.168.x.x address is used? > > > > > > > > > > Yes, but it may be a bit involved. Firstly the firewall must be > > opened to allow the ports you want to use on the server to pass > > inward through the router if it isn't using NAT. > > > > If the router is doing NAT it will be necessary to create port > > forwarding rules in the router to direct those ports to the > > server's IP address. This should automatically create the right > > firewall rules. > > > > If the router does not do NAT, the modem will need to be given an > > additional route, telling it that the route to network 192.168.0.0 > > is via the gateway 192.168.1.2. > > That looks like what I'll need to do. Going into the admin login on > that device, I do Advanced Setup -> Routing -> Static Route, had to > enable that, added one for 192.168.0.1 (server), gateway of > 192.168.1.2 (router's "Internet port"), and LAN rather than WAN. > Saved the changes, and it doesn't work. The connection just times > out. > > Finally, if NAT is used on the router, you will need to address the > > server as if it was the router i.e. 192.168.1.2 and if not, then use > > the server's own IP address. > > > > It all depends on whether the router is just a plain router, or > > whether it is using NAT. Your use of the term 'WAN' suggests it is > > a cable router, using NAT by default. > > Actually that port is labeled "Internet", it's what used to connect > to my DSL modem back when, and it's what connects to the Hughesnet > device now. > > First, are you absolutely certain the router is not using NAT? I would expect an Internet router to do so by default. Many routers can disable NAT, 'bridge mode', but then you need all IP addresses to be on the same subnet and it isn't a router at all. Almost certainly, if the router has a port forwarding feature that is not disabled, there is NAT working. What can you ping from where? Are you able to turn off the firewall function of the router for testing? If you ever see ping work in one direction but not the other between the same two hosts, it's NAT/firewall trouble. The modem itself will probably have a 'ping' option, I assume it can ping 192.169.1.2 successfully, can it ping the server? It would be nice if it had a traceroute facility, but they usually don't. What about ping and traceroute from a wifi client? What do you get if you try to trace a route to the server? -- Joe
