subscribe to our Youtube


14455 questions

17168 answers


0 members

We are migrating to our new platform at Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
1,439 views 5 comments

I'm facing a problem with the port forward that doesn.t work with router RUT950 and firmware...quite all...from 00.06.05 on...

Very simple scenario: the router ( a pc ( and a cam ( all connected together; the cam has a web server.

Both from lan or wan I cannot forward any port (I try 8080,8081,8082, etc.) to web server. An example:

In lan,

  • From I can browse both and
  • From I CANNOT browse

Same from wan and public yes it is public, I check) IP address

This is quite urgent because my customer is going to deploy about 100 hundred devices in a metropolitan area.

Any help would be appreciated

2 Answers

0 votes
by anonymous


A solution to this would be creating a port forward rule which would be configured as follows:

The source of connection should be WAN and a destination should be LAN.

Source and External IP address would be set to "any" or blank by default, and internal IP should be your camera that you're willing to reach. Set your external port and internal port with the port you want to use to reach the camera service. 

So let's say if the camera port is 80, then make sure the internal port is set to 80 and your external port will be the one through which you will be connecting to the service from the external network. 

After that, you should use your Public IP and external port you filled in your rule to connect to the camera, but you must do it from the external network, let's say your mobile phone. You should be able to see that the connection is established.

More about how it's configured is explained here:



Hi, thank you for your response. I reset all install the last firmware an start from scratch as you suggest and now I'm able to connect to cam using public IP. Good

Now the second step...I need to do the same but within a VPN (to Azure).

What I did is create the vpn gtw on Azure and configure point-to-site connections, then I download the OpenVpn client configuration file. On the router using the web ui I create the OpenVPN client configuration, flag to use a file, upload it and save. Good, it works; al also can "ping" from router utilities a linux box in Azure vnet.

Azure vnet is with two subnet: for the gtw and for "servers" (here is my linux box). P2S network is

On the router I add another port forward rule like the one that you suggest me BUT using openvpn as the source zone and of course with another external port (8081).

This solution, does not work. from linux box on Azure (that is I cannot connect to cam through router vpn ip (that is

this is the route table in router:

and this is the route table of linux box in azure:

Any suggestion?

Thank you

by anonymous
I see that your subnet of the router and devices is What you will need to do is reference this address and subnet in your azure route table, cause I can't see it mentioned there. Otherwise, you will not be able to remotely access the router and devices behind it.
I beg your pardon but I do not understand...why I have to do this? in the first scenario (using public Ip) the forward work correctly.

By the way, if I add the route as you suggest, what should be the via or gtw?

Thank you for your effort
by anonymous
As your Azure VPN server doesn't know where is the network, only your router knows azure - you need to give it a route to know what is the network that it's trying to reach. So Gateway would be, and the network you're trying to reach is

This is exactly what I need simply doesn't work...

0 votes
by anonymous


For port forwarding in LAN you may have to enable Masquerading for the lan zone. This can be done from the Network → Firewall → General Settings page. Simply place a checkmark next to Source zone: lan, under Masquerading. (And don't forget to save the changes.)

In WAN-to-LAN this is not required as Masquerading is already enabled by default for the wan zone.

I hope this will be of some of use.

Good luck,