1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

More routers, how to access all remote?

Discussion in 'Tomato Firmware' started by laxxe, Jun 21, 2007.

  1. laxxe

    laxxe Network Guru Member

    I've setup a few routers (covering a large area), and want to be able to access these remote.

    I can access the "first" without problems. I'm adding :8081 to the URL (this is the port I've entered in the router). I want the other routers to be at port 8082 etc., but it doesn't work.

    In the "first" router, I've made this port forwarding:

    Ext port 8082 Int Address 192.168.1.2

    Of course I've setup router numer two to use port 8082, but it doesn't work remote. If I'm at the local network with the routers, I can connect to the router without problems.

    Yes, remote access is activated.

    What am I doing wrong?
     
  2. ntest7

    ntest7 Network Guru Member

    I did it by forwarding external port 8082 -> internal router #2 port 443
     
  3. digitalgeek

    digitalgeek Network Guru Member

    I was going to suggest the same thing... try something like this:

    EXT PORT INT PORT INT ADDRESS
    8082 443 192.168.1.2
    8083 443 192.168.1.3

    etc.
     
  4. laxxe

    laxxe Network Guru Member

    It doesn't work, but router number two isn't setup to use https (but normal http). It's setup to use port 8082, and right now this can't be changed (since I can't connect to it, and will not be at the local network for some time).
     
  5. digitalgeek

    digitalgeek Network Guru Member

    If you are running VNC or PCAnywhere, you could view them romtely on your desktop.

    If you are trying to look at you routers from a remote location you should always use HTTPS...
     
  6. kameleon

    kameleon LI Guru Member

    I have 4 linksys routers in my network. My main is a wrt54gs, two others are WRT54G (pre V5), and the other is a WRT54G V5. On the V5 I have dd-wrt and the rest have Tomato (v 1.04). I have a similar issue. I have all of them set for remote access. I have no issues connecting to the main router :8000, my cable modem :8001, and the ddwrt router :8002 but the :8003 and :8004 will not connect. I have the main router set to port forward each external port to the corresponding IP:80. I have tried everything I can think of to get remote access to the other two routers. Oh, all my routers are in a WDS setup. Once I get all this figured out I will change the ports to 443 and use https.
     
  7. roadkill

    roadkill Super Moderator Staff Member Member

    you can change to VPN Mod and create a tunnel inside and first router
    where you can see all others but I think it's only a matter of Port Forwarding correctly.
    :grin:
     
  8. kameleon

    kameleon LI Guru Member

    And as a side note: I just went ahead and changed everything to be https and port 443. I was able to access the :8000-:8003 now which means one more tomato router. But I still cannot reach that last WDS node. I have double and triple checked my settings and see nothing wrong. I looked in the logs on the main router but could not really tell if anything was wrong or not.
     
  9. kameleon

    kameleon LI Guru Member

    Nevermind. I am just plain dumb. lol. I did not have the proper gateway and dns set in the router. Of course it won't talk to the main router well. DOH!

    But now I have the issue of the conflicting security certificates. Any ideas?


    OP, If you just set up the port forwarding correctly in the main router and the port on the other nodes then you will be good. If you need help just ask. I am sure I can walk you through it.
     
  10. laxxe

    laxxe Network Guru Member

    Well, right now I can only change the settings for the first router - not the second one.

    How can I get access to the second one (it's setup to use http and port 8082)?

    When I have access I can of course change the settings (to use https instead and so on).
     
  11. kameleon

    kameleon LI Guru Member

    Basically on your Port forwarding page just put EXT port 8082 and INT port 8082 and the IP of the router you are trying to hit. If that don't work (not sure how you have it setup and how WDS acts if it is an "outside" hit or "internal" hit) try EXT port of 8082 and INT port of 80.
     
  12. laxxe

    laxxe Network Guru Member

    I've already tried both, with no luck.

    I'm not using WDS, the two routers are connected with cables.
     
  13. roadkill

    roadkill Super Moderator Staff Member Member

    does the first router is the only one that runs a dhcp server?
     
  14. laxxe

    laxxe Network Guru Member

    Yes - the second router has a static IP (192.168.1.2).
     
  15. roadkill

    roadkill Super Moderator Staff Member Member

    and you connect them with the WAN port on the subsequent router to LAN port on the Primary/First right?
     
  16. laxxe

    laxxe Network Guru Member

    I don't use the WAN port on the second router. The two routers are connected to the LAN ports in both ends (both routers).
     
  17. roadkill

    roadkill Super Moderator Staff Member Member

    and connecting to 192.168.1.2 on port 80 (second router?) from inside the network is connecting to Tomato Webif?
     
  18. laxxe

    laxxe Network Guru Member

    Yes.
     
  19. roadkill

    roadkill Super Moderator Staff Member Member

    now change in Tomato Webif: Administration->Admin Access->Local Access->HTTPS
    and try to login
     
  20. laxxe

    laxxe Network Guru Member

    I don't have access remotely (that's the problem), and the routers are placed far from here...
     
  21. roadkill

    roadkill Super Moderator Staff Member Member

    Basic -> Identification -> Change hostname to something other than what is set on the primary router same with router name those are static dns aliases.
     
  22. njeske

    njeske Network Guru Member

    that's exactly what i did. works great. except i still use the default of 8080 on all my other routers. i just forward external ports 8081-8085 to the default internal ports of various other devices on my network such as my other router, my PAP2, etc.
     
  23. laxxe

    laxxe Network Guru Member

    They're already changed. Routername and hostname are the same (cs-ap-1 for first router, and cs-ap-2 for second router).
     
  24. roadkill

    roadkill Super Moderator Staff Member Member

    try changing the Router Identification in Basic->Identification those are static dns aliases AFAIK change them to something other than what is configured on the first router.
    I think that if you have SSH/Telnet access I think I can walk you through changing it in the CLI.
     
  25. laxxe

    laxxe Network Guru Member

    I'm not sure what you mean. I can't change the settings for the second router (because I don't have remote access right now, and they're placed far from here).

    Router Identification right now:

    Router 1:
    Router Name cs-ap-1
    Hostname cs-ap-1
    Domain Name

    Router 2:
    Router Name cs-ap-2
    Hostname cs-ap-2
    Domain Name

    Domain Name is blank in both routers.
     
  26. roadkill

    roadkill Super Moderator Staff Member Member

    how many router are cascading over there?
    did you enabled SSH/Telnet remote access on the first router?
     
  27. laxxe

    laxxe Network Guru Member

    Two routers now, three later.

    The first router can I access without problems, and SSH/Telnet is disabled (but I can of course change that).
     
  28. roadkill

    roadkill Super Moderator Staff Member Member

    try to enable SSH for the first router ssh inside and then you suppose to have telnet access to the second one.
    you can also use putty to create an ssh tunnel
     
  29. laxxe

    laxxe Network Guru Member

    SSH/Telnet is disabled for the second router too (and I don't think I can change that right now).
     
  30. roadkill

    roadkill Super Moderator Staff Member Member

    :sad: can't do nothing to repair it now...
     
  31. laxxe

    laxxe Network Guru Member

    What should I do, next time I am on the location?

    Enable SSH and Telnet?
    Change remote access to https (instead of http)? Why can't both be used (like when connecting local)?
    Other things?

    BTW - you asked if I connected the second router to the first routers WAN port. Would this change anything? I think the correct way is to connect it to one of the LAN ports (which I did).
     
  32. roadkill

    roadkill Super Moderator Staff Member Member

    enable SSH/Telnet on both routers
    change Local Access to HTTPS - you are on the LAN port which is defined local.

    it will change the way port fw and of course local/remote settings is defined.

    :grin:
     
  33. gingernut

    gingernut LI Guru Member

    I have local access http activated, inside local network with router IP I can get to the web gui no problems but the strange thing is I have remote access disabled and can still get to the web gui from work using my dynamic DNS address.

    Is this normal ?
     
  34. Toastman

    Toastman Super Moderator Staff Member Member

    I had the above same problem of accessing other AP when forwarding from ext port 8085 to AP int port 80. From outside the site, I can access the AP when "access restrictions" rules are turned off.

    I also set one forward 8081 to port 80 on the main router, and that is able to access normally whether "access restriction" rules are on or off.

    (Tomato 1.21)

    So, if you do use access restriction rules to control access, you need to add all your AP's to the "allow access" list, then everything works.
     
  35. yakul

    yakul Networkin' Nut Member

    Does it really make such a big difference? Forwarded remote access via HTTPS will work and via HTTP will not? That's silly... I have that problem only with Linksys/Tomato routers. With routers from other companies and other devices it works perfectly via HTTP. But when I only try to access Linksys then I get timeout error. I didn't try HTTPS option yet but I will do it. I will be very surprised if it solves my problem because I'm fighting with it for months :eek:. I've even tried different versions of Tomato and Tomato.RAF.
    I'm an administrator of couple of networks (dozens of users each) and I believe I'm not a noob.
     

Share This Page