Changed from ASUS RT-AC68U (Merlin) to Netgear X4S (Voxel) and having Port Forward Issue With Caddy Take 2

I totally forgot about this and my thread has since closed. It was also “hi-jacked” at the time.
Original Thread:
Dec '17

I’ve attempted to get assistance on the Netgear side without luck so far, so I figured I’d try here. Perhaps someone here is familiar with how they get their Netgear Router to work with Caddy. I had a ton of help getting my setup working here, including the clever port forwarding used in a similar UNRAID setup. Upon putting my ASUS router back in place, everything works fine again.

I got the Netgear X4S R7800 , and immediately loaded the latest Voxel firmware. I am fairly sure I mirrored all the settings exactly, including my port forward rules to get around my NAS ports issue. The only other thing I really do is start my DHCP pool at 101 to reserve everything below for my static IPs.

I am running a Synology DiskStation DS916+ with Docker and the Abiosoft Caddy server image. I am only using it as a reverse proxy. I like how simple it is and benchmarks show it as less resource intensive as well as higher performance that nginx.

I had a issue with port 80 and 443 with my initial ASUS setup, I forget the specifics, but i believe it is was because the Synology redirects 80 to 5000 for its web console. Also perhaps the router itself uses that port for the web console. The solution was to basically do this with 80 and 443:

Router -> forwarded -> Synology -> port mapped -> abiosoft/caddy docker container
80                     8080                       8080:80
443                    8443                       8443:443
(external)             (internal)

The NAS has a static IP.

Hope this makes since, but it is probably less important.

Looking through the netgear settings, I saw some potential settings such its web console and READYshare using these ports. In my troubleshooting, I attempted to change the ports and/or disable. I don’t plan to use most features like readyshare. Note the readyshare advanced page to see where I saw the ports noted there. I am pretty sure i disabled all those, including media share.

Any ideas or troubleshooting I should make sure I did?

I did the identical “port-detoured NAT” setup (problem 2 caused by NAS caddy host) to get Caddy the ports it needs externally on the Netgear as I did on the ASUS. Everything works perfect on the ASUS as the router, but not if I make the Netgear the router, even though I am doing exactly the same thing. I am having trouble troubleshooting what the Netgear device must be introducing to the issue itself. Looking through the Netgear settings, I saw some potential settings such its web console and READYshare/Mediashare using these ports. In my troubleshooting, I attempted to change the ports and/or disable. I don’t plan to use those features anyway. Perhaps you cannot ever truly free up those ports on a Netgear router ever?

Maybe the Netgear just wont allow forwarding of 80 or 443 no matter what??? Does anyone have a caddy server working on a similar Netgear router without issue?

Based on the previous thread, the issue was that after swapping to the Netgear, when browsing to your website on port 80, the connection instead times out.

That already pretty neatly narrows down the cause to the Netgear itself. I think the next step should be to find out if this issue affects all port forwarding, or just those ports used for standard HTTP(S). You could do that by forwarding an arbitrary higher port number and seeing if that works, like 8080 → 80 to Caddy.

If it’s universal, that might implicate things like the firewall (does the Netgear router automatically add firewall rules to accommodate the port forward?) or the port forwarding settings themselves (different routers using conflicting definitions sometimes make it easy to enter values in the wrong place, etc).

Might also pay to check if it exhibits different behaviour for a request from the LAN interface vs. a request from the WAN interface.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.