accessing web ui for second router in wireless ethernet bridge mode

Discussion in 'Tomato Firmware' started by nxmehta, Jul 11, 2009.

  1. nxmehta

    nxmehta LI Guru Member

    My home network is setup such that I have one tomato router that is connected to the outside world via a DSL modem, and I have a second tomato router setup as a wireless ethernet bridge to my Playstation. What I'm trying to do is access the web ui of the second router (the bridge) from outside of my home. When inside my home I can easily access the web ui of the bridge router- I'm using a static dhcp mapping in the first router that forces the bridge router to a particular internal IP, and all I have to do is enter in that IP to my web browser and voila, I'm in the web ui.

    So, to get external access to the bridge I setup the first router to forward port 81 to the bridge, and on the bridge I've enabled access to the web ui on 81, both as HTTP under the "local access" section and the "remote access" section. However, when I try to connect from the outside world to my home on port 81, nothing comes up. When logging incoming connections on the first router I see that it's trying to forward packets to the bridge, but the log in the bridge doesn't appear to be picking them up?

    Can anyone tell me what's going on? Is there something about wireless bridge mode that precludes the web ui when going through the bridged connection? Is there a way to setup my network such that I can access both tomato routers from the outside world?

    Thanks for any help.
  2. fyellin

    fyellin LI Guru Member

    In Wireless Ethernet Bridge mode, there is no WAN. Everything is a LAN. Your creating an "outside WAN access to the GUI" is a no-op.

    You should set up a port forwarding such that 81 from the outside world gets sent to port 80 of the bridge. That should be all you need.

    I do need to warn you that what you're doing is incredibly insecure. You shouldn't allow any sort of unencrypted communication between the outside world and your routers--either of them. If you have to access your routers from the outside, use ssh and create a tunnel.
  3. nxmehta

    nxmehta LI Guru Member

    Yes, HTTP is of course insecure. I first tried HTTPS but I was having the same problems so I thought for now I'd use HTTP in case there was some problem forwarding HTTPS. Thought it might help eliminate another variable.

    In any case, forwarding 81 from the outside to 80 of the bridge (81 ext to 80 int) doesn't work for me. That is what I was trying to explain in my original post (it was kind of complicated to explain, I probably didn't do a good job). This is the part that I don't understand, seems like this should be working... the log of the external router indicates that packets are being forwarded from port 81 of the outside world to port 80 of the bridge, but the web ui never comes up.
  4. Toastman

    Toastman Super Moderator Staff Member Member

    If you forward to a LAN port from the router, then the LAN machine should have it's default gateway set back to the router. If you use access restrictions to control machines by MAC, then the MAC address of the LAN machine must also be in the allowed list.

    Is this what you need?
  5. fyellin

    fyellin LI Guru Member

    Just double checking. In this message, you said you've set up WAN:81 to forward to Bridge:80. In your first message, you said that you set up Bridge to listen on port 81, when it should be listening to port 80. Was this a typo?

    In any case, it sounds like you're doing the right thing, as far as I can tell. I've done similar (but not identical) setups and it's worked fine. You may want to try the ssh/port forwarding solution, just because it'll solve your problem in a different way.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice