I am trying to figure out how to get this network configuration to work
i have a max br1cellular wan ip of 10.39.20.162 LAN ip 192.168.3.1/255.255.255.0
i have a plc at 192.168.3.10 which works just fine being its on the same ip subnet
i also have a device that i cannot change the ip address of at 192.168.1.5 default gateway of 192.168.1.1 and i need port 502
i have the port opened for that ip in “port forwarding”
created outbound policy
-source>any
-destination>ip address> 192.168.1.5
-protocol>any
-algo>priority (with cellular on top)
i have the 3. network plugged into lan port 2 and the .1 network plugged into the wan port. i changed the wan port to be a lan port created a new lan network at 192.168.1.1 i can ping 192.168.1.5 from my computer but cant ping through the br1
i have tried creating a new lan and dedicating the wan port to that network and used both port types “access” and trunk" still no dice
The typical way to do this would be to create a new vlan on the LAN of the BR1 in the same subnet as the device you cannot change the Ip address of.
Then you set the BR1 VLAN IP address to be that device’s default gateway (192.168.1.1) and then you can route directly to that device from anything else on either LAN. You can also use intouch to access the device directly if you need to.
Your MODBUS client can then get to it, and you can port forward from the WAN of the BR1 to it if you need to.
The config steps are:
Add a new VLAN in NETWORK, set a VLAN ID (ie 10), set the LAN IP to be 192.168.1.1, setup DHCP if you want.
Set a LAN port to be in access mode and check just the new VLAN. Plug the device that is stuck on 192.168.1.5 into that port.
Or if you have a manged switch, trunk to it and then set an access port on that instead.
What WAN are you using? The wired WAN? Or the Cellular WAN or the WIFI WAN?
So in this screenshot you are using the WAN port as a LAN port and have presented the 192.168.1.0 VLAN10 on that port. So what WAN are you using if you are not using WAN1? Cellular? Wifi?
This is how you would port forward to that 192.168.1.5 device from an active WAN. You don’t need to use port forwarding from the 192.168.3.0 network though of course.
The cellular WAN has a private Class A IP address (10.39.20.162), so this is unlikely directly accessible from the internet.
Typical cellular providers use NAT and provide a CGNAT IP address to the cellular modem but this is not a CGNAT IP (it’s not in that 100.64.0.0 - 100.127.255.255 range).
Where are you trying to access the 10.39.20.162 from? Are you sure the cellular network is allowing you to send traffic inbound to that port? Can you access the router webui on it for example?
The cellular wan gets its ip via a VPN connection on a private cellular network I can log into the modem using 10.39.20.162 if the device I am using has the vpn profile active it can connect
Ok, then we’re close to needing some network captures to work out what’s going on.
are we sure the 192.168.1.5 device has the router (192.168.1.1) set as its default gateway? Can you ping something on the wan network from the 193.168.1.5 device?
