NR7101: Access Management Service (UI) in IP passthrough (bridge) mode
All Replies
-
If you unplug the WAN with the modem then you can connect to Management
No, it makes no difference if the other modem is plugged in or not, as soon as the NR7101 is plugged into (any) router port, it cannot be reached via it's ethernet cable.
you can't access Management of NR7101 unless your able to make a routing rule.
What would the routing rule be?
0 -
I tried to use static route with next-hop interface and a source nat rule with masquerade as well. I think the NR7101 must be the cause of the problem, because if I use a ZTE 5G modem, access to its GUI works fine with the same configuration.
0 -
But here the thing you say “When I connect my laptop directly to the NR7101 I get the IP from my service provider e.g. 77.116.241.xx and I can access the NR7101 via IP 192.168.2.1.” So your Ubiquiti must be getting 77.116.241.xx you are on 192.168.1.0 subnet traffic goes to your gateway for 192.168.2.1 you then SNAT from 77.116.241.xx to go to 192.168.2.1 but if it work when your laptop directly connected to the NR7101 then why the problem?
What if you change NR7101 Management IP to another and without any other Internet connection connected?
0 -
Thanks for your suggestion. Synology RT6600ax does not have a UI like yours (no next hop options). We can only add static routes like this:
The UI allows for 2 internet connections like this:
NR7101 is plugged into 'Primary Interface'. (ZTE 5G modem is in the Secondary 'LAN1'). The mode of operation is set under 'Smart Wan', like this:
As you can see, it shows 'Inactive' for some reason, and asks prompts me to configure it. The options are as below:
I've no idea what to put in there. Nebula shows the IP Address
as 10.35.22.8, and DNS servers as
10.203.xx.xx, 10.203.xx.xx, but I'm sure these are not what is expected here.0 -
I realise that this is an old post, but I faced exactly this issue with my UDM and NR7101. When in normal mode, the NR7101 is accessible from inside my LAN according to the settings in the 'bridge1' Interface Group under (Home Networking) - the IP reported for the WAN port by UDM is an address in the same range, assigned by the NR7101 to the UDM.
In IP passthrough mode, the IP address reported by the UDM on the WAN port is consistent with the 'public IP' shown in the NR7101 config screen. In my case this is not a true public IP but a private one in the range 10.x.x.x, due to carrier-grade NAT for mobile networks.
The bizarre thing is this: the NR7101 config page is accessible at an IP address one above or one below the 'public' IP assigned. Whether one above or one below is seemingly random and changes every time the public IP changes.
I have not set anything up in the 'Maintenance' → 'Remote Management' → 'MGMT Services for IP Passthrough'. HTTP is currently disallowed there yet I am able to access the config page unencrypted. This suggests that it can't be travelling via the internet from inside my LAN, so must be a direct route to the 'LAN side' config of the NR7101.
My knowledge is insufficient to understand how or why this works, whether it's a feature of the UDM or the 7101, but for anyone desperate to get at the config page in IP Passthrough mode from inside a Unifi LAN, give this a try!
1
Ally Member
Guru Member
Freshman MemberCategories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
