04-09-2020 10:38 AM
After entering your dynamic dns, go to DNS Server. Enter your dynamic dns (blah.duckdns.org) and your internal IP address for the device you want to reach. This does not solve the port forwarding issue, but actually works without having to forward any ports.
04-09-2020 10:58 AM
Clever! But in my case, there several PC's as destinations. Since the webcams reside on one, it would work for that. However, the owner yanked the G3100 and put her G1100 in, so everything is back to running just fine. (Years ago, I played with a free utility that would forward ports on a pc, so I could look that up and have it on that PC and do forwarding from it.) But saving the rental money and having things work right made more sense.
I did walk around the edge of the property gauging signal strength and found the G3100 up to 10db stronger in some places, but plenty of signal from the G1100. So, she saves the $15/mon rental for the G3100 and avoids the quirk.
07-16-2020 09:32 PM - edited 07-16-2020 09:38 PM
Sadly, my friends G1100 went flakey and she went back to the G3100 which she hadn't gotten around to sending back to Verizon, Soooo, I did what I could to make things work.
Previous advice about DNS, I misread. You don't put in your external address, you put in the internal one, meaning anything coming in via the DDNS name will be routed to 1 machine. I created a second DDNS name for the rest of the network from outside, but then found that duckdns.org does allow sub addresses. So, if you have blah.duckdns.org as your name, you can put in your G3100 DNS that ftp.blah.duckdns.org is address 192.168.1.23 and cams.blah.duckdns.org is address 192.168.1.25, meaning that the sub address specifically tells dumb G3100 which pc to go to. Port forwarding should be ignored, so no socket translation, but I didn't get that far since I didn't need it for this.
However, the good folk at Verzion still have me stymied with FTP serving. It won't get through the G3100, but is just fine through the G1100. The data connection can't be made. I use different addresses to keep the hackers away. Like 900 for the incoming FTP connection (normally 21) and 50000-50020 for the data channels. But, this does not work on the G3100, it connects, but no data. I suspect the router tosses the incoming connection instead of believing the port forward for 50000-50020 and passing it through to the FTP server. A scan will show that port 900 is open but the others are closed. I found no log in firewall, which I also turned completely off to test this, or security or advanced or nothin'.
I'm looking at free SFTP servers to get around this, but that will be a pain.