Just upgraded to FIOS Gb and installed the G3100 router. All the basics work fine, but just like what appears to be happening to everyone else, I simply cannot get any port forwarding/external access to work. I've read 50 threads here, and tried all sorts of hairbrained suggestions, but absolutely nothing works.
Have some cameras, as well as a NAS device that replicates to another NAS device in another location. Everything worked fine with my previous TPLink router. With the G3100, absolutely nothing works.
Generally, uPNP works fine for these basic applications. Here, the G3100 accepts the uPNP settings from the devices, and in the Port Forwarding tables it shows as having the correct TCP ports open, but yet, there is still no outside access.
If I disable uPNP, delete all entries, then manually set up ports, that doesn't work either. So basically, either auto generated ports, nor manual ports work.
I've tested with VPN loopback, using my phone with wifi disabled, and from external locations. Nada.....
Is the G3100 simply malfunctioning? Is there a systemic bug in the firmware? Is there some other menu buried deep in the system that I cannot seem to find? Or should I simply dump the router and use something like Ubiquti (my wifi mesh is UBNT).
02-17-2021 09:46 AM
UPnP uses SSDP to discover devices of interest and control points. SSDP is based on Multicast. If your network has IGMP enabled but lacks a querier, it will interfere with SSDP and UPnP.
You can technically disable IGMP on G3100, however, if other switches on your network has IGMP snooping enabled by default, you may not able to turn them off.
From security perspectives, I won't bother with UPnP and even Port Forwarding. I only port forward to devices with a host-based firewall. IP cameras probably won't have a firewall built into them. So it is risky to simply port forward to IP cameras.
Since you mentioned about VPN, why don't you use VPN to access your LAN network? I believe a major of IP cameras can be accessed with their LAN IP.
Since your VPN server is within the LAN, you need to configure port forwarding rules to the VPN server. Your previous TP-Link router works may due to it has VPN passthrough, which leaves some ports permanently opened from the WAN side, which is a security risk. You need to manually configure this on G3100. The settings are also different depends on which VPN protocol you use.
If you would like to know the port forwarding setting for your particular VPN, I am happy to help you.
02-18-2021 04:25 AM
Thanks for replying!
I'm just trying to figure out if the G3100 can or cannot allow actual port forwarding, so my devices that need to be accessed from outside the house can work.
From most of the posts here, the G3100 seems to have systemic problems with allowing people to access their LAN from outside their homes. Lots of people here that have security cameras cannot use the G3100 to access their cameras from outside their local networks.
uPNP is not part of the problem, its simply an automated way to set up external port access for devices that support it. Its been around forever, and works fine for most AV applications, which is what I mostly need.
The fact is, that if I set up the ports manually, or allow uPNP to do it, either way, I cannot access my cameras or storage devices from outside my LAN. No matter what I do, testing via external port testing sites like https://www.yougetsignal.com/ shows blocked ports. Same results if I test via cellular. Nada.
Basically, the G3100 has some serious problems with port forwarding/external access. It simply doesn't work...
I think its basically a problem with the way the management UI is set up in the router. All routers can filter by "port" (which is a virtual concept anyway), that's what they do (routing!). The G3100 UI doesn't correctly control its virtual port filtering correctly though.
I'll try a few more things, but if I can't get it to work, I'll buy a Ubiquiti edge router and simply use that instead.
02-18-2021 07:34 AM
uPNP is not part of the problem, its simply an automated way to set up external port access for devices that support it.
No, it has more functionality than that. UPnP could be part of the problem, as well as IGMP and IP multicasting. Again, UPnP is not safe enough. If it is hijacked by malware, it can open whatever ports it wants to give convenience to attackers.
Can you screenshot your Port Forwarding setup page? We want to make sure you set them up correctly.
the G3100 has some serious problems with port forwarding/external access. It simply doesn't work.
I don't think so. There are people here who got it to work.