Ask
Reply
Solution
06-08-2020 07:34 PM - edited 06-08-2020 07:39 PM
Hi, I have a HHG2500 router and connected to the internet via ADSL(2) on Superfast2 plan.
I have a BT Hub 4 in my LAN network with static IP configured and it is in DMZ (Exposed Host Function is on). This is just for testing purpose. I can access my BT hub4 from my LAN, but cannot do this from the internet.
I wonder if it is possible to access router from an outisde network using public IP address.
There is even a DDNS feature on the router, but I simply cannot connect to my router or BTHub4 from the outside.
Chrome shows Error 504
Solved! Go to best answer.
08-08-2020 02:22 AM
Problem is solved, I was stupid enough not adding firewall rule to pass certain traffic from WAN to LAN.
I was able to connect from the outside network to a device in my LAN.
My goal is to set up a VPN server to allow me to connect to my LAN from the outside.
Ideally, even to merge two networks together, but that's a different topic
I will follow your advice, Draytec Vigor 130 is on its way.
In general, the question is solved. You can use your public IP provided by vodafone to access your LAN from the internet if you wish. Router is HHG2500, tariff is Superfast2. Set your LAN device in DMZ or alternatively forward all desired ports to it.
06-08-2020 11:27 PM
Okay so there are few things wrong here!
First up you would ideally need to have the BT hub set up as a dumb switch if that's possible, and connect to it using one of it's LAN ports - most domestic routers will not allow you to access their settings web pages using the WAN port.
Assuming you've done that, then you'd need to have the local IP address of the hub in a DMZ set up on the HHG2500, otherwise connections will either be refused or ignored.
When you've done all that, you could still be left in the situation where it doesn't work simply because the HHG2500 does not appear to be very good at routing packets internally.
Using network equipment in ways that it's not explicitly designed for is often "problematic".
07-08-2020 12:52 AM - edited 07-08-2020 12:55 AM
Thank you for the response.
Yes, BT hub is a dumb switch, I additionally did a port range mapping to the local IP of BT hub (TCP 1-65534 and UDP 1-65534). I agree with you, since I've noticed that HHG2500 functionality is limited. I will replace BTHub with pfSense box once I confirmed that I can expose my IP to the outer network and connect to my home network from the outside.
I just wanted to make sure that vodafone is not blocking anything on their site. I don't know what the network topology is used there in general.
So, would it be possible with a use of another ADSL router to connect to it from external network using public IP provided by Vodafone? What's the best candidate to replace HHG2500?
P.s. In the country I came from, I've used ADSL a long time ago, and it was not possible to use public IP by default.
07-08-2020 11:08 PM
I kind of feel it would be helpful to know what exactly you are trying to do rather than how you are trying to do it!
Be aware that you would need a VDSL2 modem and not an ADSL modem! You'll also need to get your username and password from Vodafone. As for blocking ports, some users have reported that VFs own routers (possibly only with certain firmware) block a number of ports, but if you are using your own device then it appears that no ports are blocked. Forwarding ports to a switch though is problematic, you are likely to find that the switch acts as a sink, in fact it's common to have switches sit outside of the local IP range for the sake of both security and transparency. *I am aware that it is possible to set up web servers to run on devices that provide network infrastructure, but should such a device be compromised then that extends to compromising all data passing through it!
If you are going to be using a pfsense box, then my understanding is that it's best if the pfsense box handles the PPPoE connection to the VDSL modem and you then connect a wireless access point (if needed) to the pfsense box, rather than using a separate router. *I have zero successful experience with pfsense!
08-08-2020 02:22 AM
Problem is solved, I was stupid enough not adding firewall rule to pass certain traffic from WAN to LAN.
I was able to connect from the outside network to a device in my LAN.
My goal is to set up a VPN server to allow me to connect to my LAN from the outside.
Ideally, even to merge two networks together, but that's a different topic
I will follow your advice, Draytec Vigor 130 is on its way.
In general, the question is solved. You can use your public IP provided by vodafone to access your LAN from the internet if you wish. Router is HHG2500, tariff is Superfast2. Set your LAN device in DMZ or alternatively forward all desired ports to it.
08-08-2020 10:33 AM
That's much more straightforward than I was expecting - though if you do go the pfsense route you'll probably need support from their specific user groups. Co-locating VPN solutions though are pretty simple to set up with the right hardware and you don't need to be opening ports and using DMZ at all!
Quite simply using a Vigor 130 modem (other modems are available) and Asus RT-AC68U originally and now the Asus RT-AC86U with the Merlin firmware it's possible to set up a network that spans locations reasonably (there will be hiccups, slowdowns and the like but you are going to get that unless you go down the leased line route). More commonly many people successfully manage this with DD-WRT firmware on other routers too!