Current location: home page > Share findings > Solution to ineffective port mapping in iKuai+OpenWrt

Solution to ineffective port mapping in iKuai+OpenWrt

Published on: September 1, 2023 Share findings 7 comments 5,235 views
This website provides Linux server operation and maintenance, automated script writing and other services. If you need, please contact the blogger on WeChat: xiaozme

Recently, the network of "iKuai+OpenWrt side routing" mode has been configured in the office. It feels good to use it. Today, however, it was found that a port forwarding failed to take effect. After checking one by one, it was finally found that the problem was caused by the bypass routing.

Suggested Items

  • Firewall settings of intranet host (try to turn off the firewall first)
  • Router firewall settings
  • Try to change the public IP port
  • Attempt to temporarily cancel bypass routing

After troubleshooting one by one, it is finally determined that the problem is caused by bypass routing mode. When trying not to use bypass routing, the port mapping of iKuai is valid. How to make the port mapping of iKuai take effect when the bypass route is reserved? Please refer to the solution below.

terms of settlement

If there is no bypass route, the mode is as follows:

  • Public IP (8.8.8.8:2222) ->iKuai router (192.168.1.1) ->intranet host (192.168.1.5:2222)

This is no problem, but if the bypass route is added, it is found that Public IP (8.8.8.8:2222) Unable to access. At this time, we need to first forward the traffic to the bypass route, and then forward it to the target host in the intranet. The mode is as follows:

  • Public IP (8.8.8.8:2222) ->iKuai router (192.168.1.1) ->bypass routing (192.168.1.2:2222) ->intranet host (192.168.1.5:2222)

With this network mode, the public network traffic can be normally forwarded to the target host, and the problem is solved. The specific operation steps are as follows:

1、 Add a forwarding to bypass routing rule in "iKuai Router Background - Network Settings - Port Mapping", as shown below.

2918e063965eb911.png

2、 In the background of OpenWrt, the traffic from the LAN port (the intranet port in the above step) is forwarded to the target machine of the intranet in "Network Firewall Port Mapping", as shown below.

677a8bd694a0c217.png

Finally, save and apply.

summary

  • If the gateway of your intranet machine points to the primary route (192.168.1.1), there is no need to map the secondary route.
  • However, if the gateway of your intranet machine points to the bypass route (192.168.1.2), you need to add port mapping in addition to the primary route, and add additional port mapping in the bypass route

label: , ,

Post reply

Your email address will not be disclosed. Required items have been used * tagging

7 comments

  2. I answered a question that I couldn't answer for a long time, and summarized it very well. Although I have been using it for a long time, I can't figure out why I have to go to another route for a round trip.

    reply

      1. After testing, you don't need to close the bypass route. You just need to close the open bash to ensure that the port mapping is normal. If you open the open bash, the port mapping is invalid

        reply

Our official account: xiaozblog


Small z blog fan exchange group (WeChat)

Recent updates

Latest comments

  • xiaoz :
    tolerable.
  • AbC :
    Can I use Industrial Bank Huanyu Life Card to deposit money
  • xiaoz :
    Upgrade Google Play and try again.
  • sfda :
    Demo video, speech speed is not smooth, network is not smooth, still need to improve.
  • frngdi :
    Teacher, I manually installed the flash back function,,,
  • xiaoz :
    Is there any restriction?
  • Is there a way to remove the limit of three payments per day :
    Is there a way to remove the limit of three payments per day
  • xiaoz :
    It can be bound, but it seems that there is no verified consumption limit.
  • Small cloth :
    Why do many people register British companies? I see someone on the Internet saying that they are engaged in foreign trade or bi
  • rudy :
    I have been using paypal for three days

  • Contact me

    For advertising cooperation and technical exchange, you can contact me through the following ways.
    Q Q:337003006
    E-mail:  Click to view

    Technical exchange group:

  • sponsor

  • Recommended by bloggers

    ImgURL Pro Professional Edition released, supporting multiple external storage, 20% discount promotion

    An article takes you to quickly understand the open source free bookmark (navigation) management program OneNav

    Recommend a convenient and fast cross-border remittance tool Panda Remit

    OCBC Account Opening Guide and Debit Card Application, My OCBC Account Opening Experience

    • Copyright ©2013 - 2023. Site Map