Zyxel NR7101 Bridge Mode: Can't ping local Router from the Internet
Hello,
I am setting up a new Zyxel NR7101 mobile 5G router which I ordered twice for 2 SIM card connections. I managed to get Wireguard VPN running since I'm receiving a public IPv4 address, but I can't ping my local router which is a Unifi Dream Router (UDR).
My setup:
Mobile connection provider is "Telekom" within Germany, sending 5G successfully.
The NR7101 signs in into the Telekom APN just fine and is configured in IP Passthrough Mode (Bridge Mode). NR7101 uses the IP 192.168.1.2.
Then, with the only Ethernet port, the Internet IP is bridged to my local router from Unifi: the UDR. Internet access works just fine. The UDR receives the IP address just fine and lists it on its dashboard. The UDR has the IP 192.168.1.1. However, I can't access the Zyxel Router when logged in on the UDR. Also, I can't access the UDR when logged into the WLAN of the NR7101. I always have to connect to the separate WLANs of the specific devices to configure them.
Now, the problem is that I can't ping the UDR from the Internet. I tried with my ddns address and with the public IP itself, but it still doesn't work and I don't know why. I need it for monitoring however.
Can you help me to get it done?
When I use the diagnositic tools from the NR7101, I can successfully ping the UDR using the public IP:
If I disconnect the UDR from the NR7101, then the ping fails:
This prooves that the public IP is used by the UDR and the firewall of the UDR is not blocking the PING requests.
So I think it's a setting within the NR7101. I tried several settings and also settings up the firewall with ICMP and ICMPv6 rules, but so far nothing has helped. Here is a documentation of my settings:
I'm using ACCEPT rules for incoming Requests and outgoing Response packets. I also created routes involving the ROUTER because I am not sure if the NR7101 consideres the UDR as a ROUTER or as part of the LAN.
In Remote Management I activated PING as well, but I think it's not relevant here since I have the NR7101 running as IP Passthrough mode and there is not PING option available there.
Just for completeness: The ping to the UDR:
Any ideas anyone please?
Accepted Solution
-
I checked with Telekom (my cellular ISP) and unfortunately they confirmed that PINGs are blocked within their CG-NAT. No chance to activate it. I will have to look for other soluations to monitor my site.
0
All Replies
-
I checked with Telekom (my cellular ISP) and unfortunately they confirmed that PINGs are blocked within their CG-NAT. No chance to activate it. I will have to look for other soluations to monitor my site.
0
Categories
- All Categories
- 396 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 87 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 917 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 419 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight
