Port Forwarding Help (upgraded from Apple AirPort to Ubiquity UniFi)...

Zeigh
Zeigh
edited November 2021 in SecuritySpy

Does anyone use the Ubiquity UniFi system for wifi (or maybe just good enough to diagnose the numbers)? I could use a little help with port forwarding settings, as I finally switched over from using probably the last Apple AirPort Extreme manufactured in 2018. Here is what used to work...


LAN: https://10.0.1.28:8024

WAN: https://172.XX.XX.XX:8024


Here are the current UniFi settings...


Name: TEST

Enable Forward Rule: ON

Interface: BOTH

From: ANYWHERE

Port: 8024

Forward IP: 10.0.1.28

Forward Port: 8024

Protocol: TCP

Logging: Optional


I have further turned off any firewall settings and network monitoring (Little Snitch) on the host computer for this testing without change (where before there were settings opened up for the specific port). I have also tried a variety of UniFi settings, then testing with my iPhone outside of the network without success. Does anyone see what the issue might be?



Peace, Dr. Z.


Screen Shot- Unifi.jpg


Comments

  • Ben
    Ben

    Hi Dr. Z! Assuming that SecuritySpy is running on a machine with the LAN address 10.0.1.28, and SecuritySpy is set to use port 8024 for one of its web services (ideally HTTPS), then your port forwarding rule looks correct to me.

    What is between the UniFi and the Internet? Are you sure that any modem device in the middle is not acting as a router itself, which would put you in a double-NAT situation? This is explained in the FAQ I'm unable to access my system remotely - how can I troubleshoot this?

  • Zeigh
    Zeigh

    PROBLEM SOLVED. Thanks for chiming in, Ben.

    It turns out that there was some oddity my ISP would not elaborate on that blocked the ports, but that their Tier 1 support people would see that the ports were open. Obviously confusing, since my port scanning software was showing closed. It took three calls and my best communications skills learned from marriage. You have to know what to say, how to say it, and when to even speak up.

    I finally found a senior support employee who knew his job well and how to correct the issue across the board, but also knew what he could divulge and not. He even provided his direct email so that I could send him screenshots of the diagnostics on my end as changes were implemented, which made things a little like NASA control talking to astronauts and that frustrating delay in communication. There was no apology and a low level of customer service infused into their communication that you might expect from an IT tech stuck in a cubical somewhere, but the issue was finally corrected.

    Certainly knowledge and skill are the main things that solve technical problems. However, don't forget about thinking outside the box, knowing when to jump ahead of the logic tree, and raw tenacity.


    Peace, Dr. Z.

  • Ben
    Ben

    Great to hear you managed to get this fixed! This certainly sounds like an impressive display of patience on your part having to deal with the various tech support people at the ISP. It's weird that they would be blocking ports while not making this explicit to customers, and also being cagey about it when asked.

  • jenwill1
    jenwill1

    I finally fixed my remote access.... I also have a Ubiquiti Unifi system with a Calix GS2020 modem/router. When the Calix was installed I had them set it to Bridge mode with a static IP. Could not get remote access to work no matter what I tried from port forwarding,NAT, security settings, etc. From this post I decided to talk to the ISP and first got "ports 8000 and 8001 aren't blocked", then the higher level tech called and wanted to switch the modem to a DMZ mode instead of Bridge mode for the cleanest connection to my Ubiquiti system. Success finally after hours and hours of trying different settings on the Unify side. Hope the post helps someone else.

Categories