Menu
What's new

Having a problem accessing the BI from the web

T

Tacoman

Young grasshopper
Joined
Oct 5, 2015
Messages
83
Reaction score
16
Hi

I am trying to access BI from the web using the BI mobile app. I believe there is a port forwarding problem. The server side goes from a Windows PC to at TPlink AC1750 router then to a Century Link ZYXEL C1100z modem/router. I have gone through the BI help page and followed it step by step. I have both the router and the router/modem set up for port forwarding. I have a static IP address for the computer. I have also verified that using the http://www.portforward.com/. I can get access using the LAN using the BI mobile app but not the WAN. Is there any other resource that is available for the set up? Something for a guy that understands about 80% of what he is doing. Preferably a step by step cook book tutorial. I have see recommendations that suggest using the "STunnel" method. Can anyone recommend a step by step tutorial for going down that path?

I understand that the question is pretty vague, but any help would be appreciated. I am frustrated, have spent a lot of time on this already.

Thanks
John
 
fenderman

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,903
Reaction score
21,275
Post your port forward settings as well as your blue iris webserver settings (redact only the external WAN ip)
 
T

Tacoman

Young grasshopper
Joined
Oct 5, 2015
Messages
83
Reaction score
16
I will do that tonight. Thanks for the interest.
 
T

Tacoman

Young grasshopper
Joined
Oct 5, 2015
Messages
83
Reaction score
16
Attached are the port forwarding setting from the TPLink router and the ZyXel modem. Also the BI webserver page and the ZyXel pages.

Thanks in advance for any help you can provide.

tplinkScreenshot.JPG

Modem1.JPG

modem2.JPG

BlueIrisScreenShot.JPG
 
bp2008

bp2008

Staff member
IPCT+ Member
Joined
Mar 10, 2014
Messages
12,678
Reaction score
14,035
Location
USA
I suspect you have a double-NAT setup going on here, where both your ZyXel and TP-Link are acting as home routers. Before we proceed with changes, check your TP-Link router's status page and read what its WAN IP is. If it is anything other than your *.*.*.59 public address, then your system is set up with two NATs. It may also be helpful to show the "Gateway" field if your TP-Link has one. It should be near the WAN IP field. If the TP-Link's gateway IP is the ZyXel's LAN IP, then you definitely are using two NATs.
 
Last edited:
T

Tacoman

Young grasshopper
Joined
Oct 5, 2015
Messages
83
Reaction score
16
No. The IP address for the WAN on the Router is not the same as the WAN on the modem. That was one of the things that had me confused.

The Gateway address on the TPLink Router and LAN on the Modem Lan are very similar. abc.xyz.0.2 for the TPLink router gateway, abc.xyz.0.1 is the Modem IP address for the LAN. The beginning DHCP address for the Modem is abc.xyz.0.2, the same as the TPLink Router Gateway.

Is there a good book or on-line tutorial that explains this stuff in detail? I only know enough to be dangerous. I hate dealing with stuff I don't fully understand.
 
bp2008

bp2008

Staff member
IPCT+ Member
Joined
Mar 10, 2014
Messages
12,678
Reaction score
14,035
Location
USA
Alas, I don't know of any good reference to learn all this stuff. Most of what I know, I learned here and there, and from experimentation. By the way, NAT = Network Address Translator. It is what lets multiple devices use the same internet connection when your internet provider only provides one IPv4 address. A NAT handles outgoing traffic just fine, but for incoming traffic you have to set up port forwarding, so when you have two NATs in sequence, you need one to forward to the next, and the second one can forward to the final destination.

So, you definitely have both your ZyXel and TP-Link acting as home routers (each with their own NAT). There are 3 ways you can proceed.

Option 1) Disconnect the TP-Link router from the system and let the ZyXel control everything. You can change the ZyXel's LAN IP address and DHCP address range to match your TP-Link router, and make it a fairly seamless changeover. You can still use the TP-Link as a wifi access point and network switch, if that suits you, by disabling the TP-Link's DHCP server and disconnecting the WAN port.

Option 2) Change the ZyXel modem to bridge mode. This will disable the ZyXel's DHCP server and NAT, and make it pass your public address on to the TP-Link router. You can't use the ZyXel's wifi anymore to access the internet, and it becomes ... complicated ... to access the ZyXel modem once it is in bridge mode. Your TP-Link router probably won't know how to route traffic to the ZyXel modem through its WAN port anymore. Because I use awesome Tomato firmware on my router, I have a setting where I can teach my router the IP address of my modem, and it makes the modem accessible by adding a static route:



The above setting created this in the routing table:



Maybe your TP-Link has a similar setting. If so, then using bridge mode on the ZyXel should be fairly painless.

Option 3) Delete the ZyXel's port forwarding rule, and have it forward all traffic to the TP-Link router using the DMZ host setting. DMZ = Demilitarized Zone, which basically just means "forward all incoming traffic to this IP address unless there is a port forwarding rule saying otherwise".

Yes, Option 3 is simplest, but it also means you keep the double-NAT scenario and by doing this you may just be asking for trouble later on.
 
T

Tacoman

Young grasshopper
Joined
Oct 5, 2015
Messages
83
Reaction score
16
Thanks. I tried option #3 and it works. I think I will probably set it up as option #1 when I get the time. It sounds more robust and easier to understand.

I really appreciate the help. I think I will make a trip to Amazon and see if there is a good book on networking. Now that I got started would really like to understand how it works.

Once again, thanks for the help. You went well beyond what I expected.

John
 
You must log in or register to reply here.
Top