Rules for Rustdesk stopped working
-
Hello,
I am trying to figure out why my rustdesk NAT rule has stopped working.
I have DDNS that is up and running.
I can connect to my unraid docker rustdesk server and relay from internal using the DDNS name.
I can force the use relay and it works internally.
I used to have different working ports translated to 21115-21119 that stopped working and I have tried rebuilding the rule/nat with the defaults and still not working.
Yes I have tcp/upd on all ports I tried single rule for 21116 and still didn't work externally.
Enable NAT Reflection for 1:1 NAT - enabled
Enable automatic outbound NAT for Reflection - enabled
NAT Reflection mode for port forwards - PureNat -
Hmm, well I'd expect that to work as shown. So if it's not you might have another rule above it matching traffic first. Or a 1:1 rule for the WAN IP to some other address. The individual port forwards would normally override that though. Or perhaps a firewall block rule matching it.
I would send to some traffic at the WAN IP from some external source and then check the states created in Diag > States. That should show you what's happening.
-
@stephenw10 I changed the rule back to the other ports I was using before with no change. External no go(even over wireguard no go).
Internally using reflect on custom ports still works.
Working on cell from wifi DDNS
Not working once I disable wifi and just use cell connection
I know using various external tests the ports are seen as closed, but others that I have configured the same are working just fine.
The kicker is it was working just fine a month ago and it just stopped working.
The firewall shows this for each port inc 5222x or nat 2111x same messages no drops
-
@DragonzGate both are on top except bogons
-
Ok the states show it's forwarding the traffic as expected but the target is closing the connection.
I'd guess the rustdesk server is refusing the connection because it's from outside it's own subnet. It allows the connections from the same subnet when you test internally.
-
@stephenw10 not sure why its refusing based on network when it was working before. I will try to rebuild it and the entire docker setup and see if anything sticks out.
-
@DragonzGate said in Rules for Rustdesk stopped working:
Not sure why its refusing based on network when it was working before.
The other OS, widely know, called "Microsoft Windows", since Windows XP ( ? ) has the same default behavior.
When big upgrades happen, or new installs, the Network Neighborhood default behavior is "Public".
The thing is, very few actually know what this "Public" means, or the other choice ; Private (or even Domain).
In the Public mode, the device will only connect to the gateway if needed, and no where else, and will not accept any incoming connection from anywhere. Network folder sharing, printer sharing etc will be stopped.Then there are some programs that won't accept any connections from 'elsewhere' except the local LAN. Like Remote Desktop, you have to enable it to accept connection from 'any where' (most often : the Internet) manually, after validating Microsoft's big warning that says "do not do this as this is a security problem".
-
@Gertjan thank you
just for reference my rust desk server is a linux docker on my unraid server. I am starting to think the unraid server has a network issue that I need to address. -
ok thanks all. I have found the issue.
Some update on my unraid server was denying ipv6 so I would see the connection but it wouldn't respond back since IPv6 was completely disabled.Now on to working on my next project.
set up a P2P wireguard vpn tunnel for my new GL-AXT1800 travel router.
Goal: to have my devices(laptop, switch, tablets) for travel connect to this router and the router use hotel wifi.If you know of a very detailed step by step for this please drop a link in a reply.
-
The most difficult part of that sort of setup has usually been connecting the router to the local wifi hotspot whenever I've tried it. The facility for scanning for and connecting to wifi is often... sub-optimal!
-
@stephenw10 hmm will have to look out for that. Part of the reason for doing it also to tinker and learn more about the possibilities. I don't learn as much from just reading but from guided setups then messing around with them once I see how it is supposed to work.