We have a point 2 point t1 setup to provide internet to a remote location using 2 netvanta 3200. (the public addresses are examples)
Site 1 internet modem
router A is assigned the public address from the modem
connects to router B is connected to router A via the P2P T1
and is connected to the LANs router
Behind the Lans router is a server 192.168.1.150 the needs port 21 forwarded to it
router A ppp1 is set to 192.168.1.14
Router B ppp1 is set to 192.168.1.13
The wan interface on the lan router is given 192.168.2.1 from the DHCP server on router B
Lan router has port forwarding all set.
How do I set up the port forwarding and in which router do I put it. A or B or does it have to go in both.
Thank you for replying with the network diagram, that is very helpful. For this application to work, in this scenario, you will need to change the subnet behind the Linksys router, and the IP address on the server. I would recommend making that subnet something like 192.168.3.0 255.255.255.0. Then you could make the IP address of the Linksys router 192.168.3.1 and the server 192.168.3.150.
In the design I described, most likely, all you would need to do is configure the ADTRAN (router A) for the port forward. Here is the Configuring Port Forwarding in AOS document and [video] Configuring Port Forwarding in AOS.
I hope that makes sense, but please let me know if you have any additional questions or information. I will be happy to help in any way I can.
Levi
Thank you for asking this question in the support community. When you get a chance, will you please answer the following questions and provide some additional information?
I am having difficulty understand the layout and network subnetting based on the description. You mentioned that the subnet connecting the two routers is 192.168.1.x (192.168.13 & .14); yet, you also mentioned that there is a server in that same 192.168.1.x subnet (192.168.1.50). Then you also stated there was a subnet with 192.168.2.x. Do you have a network diagram? Is the "lans" router something other than ADTRAN, and where is it located in the network?
Please, do not hesitate to reply with additional information or questions.
Levi
The server is behind a linksys router that is at 192.168.2.10
Thank you for replying with the network diagram, that is very helpful. For this application to work, in this scenario, you will need to change the subnet behind the Linksys router, and the IP address on the server. I would recommend making that subnet something like 192.168.3.0 255.255.255.0. Then you could make the IP address of the Linksys router 192.168.3.1 and the server 192.168.3.150.
In the design I described, most likely, all you would need to do is configure the ADTRAN (router A) for the port forward. Here is the Configuring Port Forwarding in AOS document and [video] Configuring Port Forwarding in AOS.
I hope that makes sense, but please let me know if you have any additional questions or information. I will be happy to help in any way I can.
Levi
I am sorry i made a mistake in the ip addresses. the PPP addresses are 192.168.3.14 and 192.168.3.13. Sorry for the confusion. That being said I should only have to add a security zone "port forwarding" private to 192.168.1.150 in router A.
I made to rule on router A public security zone to forward port 21 to 192.168.1.150. No good so I tried to forward to 192.168.2.1 still no go. I added a new more accurate pic.
Does Router A have IP connectivity to the FTP Server (can Router A ping the server)? If there is IP connectivity, and there are no firewalls blocking the traffic, then the port forward from Router A to the IP address of 192.168.1.150 should work. If you would like to reply with the configuration of the port forward in Router A, I will be happy to review it for you.
Levi
Thank you for sending the configurations. It appears you do not have the routing setup properly yet. For routers A and B you will need a static route in addition to the static default route. Router A will need a static route to the 192.168.1.0 /24 subnet with a next hop IP address of Router B (ip route 192.168.1.0 255.255.255.0 192.168.3.13). Router B will need a static route to the 192.168.1.0 /24 subnet with a next hop IP address of the Linksys router (ip route 192.168.1.0 255.255.255.0 192.168.2.1). The Linksys router will need a default route.
Levi
Wow, can you help me with this. I paid your company to setup these up. I am disappointed that they where not setup correctly. What commands do I issue to router A and router B to accomplish this?
P.S. thank you for all your help on this matter.
So as not to interrupt service to the client should I do the remote one (router b) first or does it matter?
In addition to adding the static routes I recommended above, you should also remove the firewall on Router B. I provided the commands again below.
Router A:
CLI:
enable
<enter enable password>
configure terminal
ip route 192.168.1.0 255.255.255.0 192.168.3.13
end
write
GUI:
Data > Route Table > "Destination Network = 192.168.1.0"; "Destination Mask = 255.255.255.0"; "Gateway = Address = 192.168.3.13" > Add > Save
Router B:
CLI:
enable
<enter enable password>
configure terminal
no ip firewall
ip route 192.168.1.0 255.255.255.0 192.168.2.1
end
write
GUI:
Data > Firewall > Firewall / ACLs > "Enable = "unchecked"" > Apply
Data > Route Table > "Destination Network = 192.168.1.0"; "Destination Mask = 255.255.255.0"; "Gateway = Address = 192.168.2.1" > Add > Save
Levi
when I disable the firewall on router b I loss internet at the remote site.
The reason that happens is because you are source NATing on Router B, which is not necessary and inefficient for your application. If you add the suggested static routes in the appropriate routers, then you will not lose Internet connectivity. Please, feel free to send me the configurations again, after you make my suggested changes, if you are still having trouble with this network design.
Levi
Trying again today in about 1 hour. i will let you know.
Should I add the route to router B before disabling the firewall? I think that is my problem.
I will try. The problem is every time I make your changes the internet goes down at the remote site 20 mins away. I then have to go on site to bring it back.