cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Zyxel 5013e 5G - servers behind it won't work.

JulianP
Established Contributor
Established Contributor

Hi. 

I have recently changed to 5G broadband. My Cisco RV134W now sits behind an EE branded Zyxel 5103e router (modem). I have put the RV134W WAN on the Zyxel DMZ, but servers on the RV134W cannot be accessed from the Internet, some telnet services on higher ports etc. I have updated the EE Zyxel 5103e to the latest firmware (EE). No luck. It looks like this otherwise Zyxel router has been tighten to the max by EE. It's useless, unless you want to browse the net and send emails... Any clues? 

There is also a setting under LAN advanced settings, Enable NAT. I am not sure what that means as on Zyxel original firmware that would have been paired with a bridge mode or pass-through which has been extirpated from the EE branded Zyxel. 

Any workarounds?

1 SOLUTION

Accepted Solutions
XRaySpeX
EE Community Star
EE Community Star

You may be finding yourself up against a limitation of EE's mobile network. The EE mobile network uses Carrier Grade NAT (CGNAT) resulting in a double NAT, which games consoles often object to, which means you don't get your own public IP address but share it with other users. So you can't be uniquely id'ed on the Net & therefore your LAN cannot be addressed from outside for unsolicited accesses. This is unlike fixed BB. 

If this occurs there is nowt you can do to avoid it.

If you think I helped please feel free to hit the "Thumbs Up" button below.

To phone EE CS: Dial Freephone +44 800 079 8586 - Option 1 for Home Broadband & Home Phone or Option 2 for Mobile Phone & Mobile Broadband

ISPs: 1999: Freeserve 48K Dial-Up > 2005: Wanadoo 1 Meg BB > 2007: Orange 2 Meg BB > 2008: Orange 8 Meg LLU > 2010: Orange 16 Meg LLU > 2011: Orange 20 Meg WBC > 2014: EE 20 Meg WBC > 2020: EE 40 Meg FTTC > 2022:EE 80 Meg FTTC SoGEA > 2025 EE 150 Meg FTTP

View solution in original post

10 REPLIES 10
XRaySpeX
EE Community Star
EE Community Star

What is a Cisco RVxxx and why is its WAN connected to the router? Shouldn't it be its LAN? 

If you think I helped please feel free to hit the "Thumbs Up" button below.

To phone EE CS: Dial Freephone +44 800 079 8586 - Option 1 for Home Broadband & Home Phone or Option 2 for Mobile Phone & Mobile Broadband

ISPs: 1999: Freeserve 48K Dial-Up > 2005: Wanadoo 1 Meg BB > 2007: Orange 2 Meg BB > 2008: Orange 8 Meg LLU > 2010: Orange 16 Meg LLU > 2011: Orange 20 Meg WBC > 2014: EE 20 Meg WBC > 2020: EE 40 Meg FTTC > 2022:EE 80 Meg FTTC SoGEA > 2025 EE 150 Meg FTTP
JulianP
Established Contributor
Established Contributor

The Cisco RV134W is my main router and firewall. It manages my internal LAN, DHCP, port forwarding, VPN and several servers 

The EE Zyxel NR5103E is only providing the 5G Internet connection.

Therefore the setup is:

_______________________________________________________________

Internet

Public IP (31.x.x.x)

EE Zyxel NR5103E
LAN IP: 192.168.6.1
DMZ → 192.168.6.63

Cisco RV134W WAN
WAN: 192.168.6.63

Cisco RV134W LAN
192.168.1.0/24

High port servers, Telnet servers, PCs with servers, etc.

_______________________________________________________________

This exact double-NAT setup worked perfectly with my previous EE router. All inbound connections were forwarded via DMZ to the Cisco, which then handled the port forwarding to the internal servers.

Internet access works normally through the Zyxel, but inbound connections from the Internet never reach the Cisco. It looks as if the Zyxel DMZ is not forwarding unsolicited inbound traffic correctly, or something else in the EE firmware is filtering it before it reaches the Cisco.

 

Can anyone confirm that the EE-branded NR5103E firmware 1.15 DMZ forwards all inbound TCP/UDP traffic correctly, or are there any known firmware limitations compared to the generic Zyxel firmware?

 

 

 

 

 

 

XRaySpeX
EE Community Star
EE Community Star

You may be finding yourself up against a limitation of EE's mobile network. The EE mobile network uses Carrier Grade NAT (CGNAT) resulting in a double NAT, which games consoles often object to, which means you don't get your own public IP address but share it with other users. So you can't be uniquely id'ed on the Net & therefore your LAN cannot be addressed from outside for unsolicited accesses. This is unlike fixed BB. 

If this occurs there is nowt you can do to avoid it.

If you think I helped please feel free to hit the "Thumbs Up" button below.

To phone EE CS: Dial Freephone +44 800 079 8586 - Option 1 for Home Broadband & Home Phone or Option 2 for Mobile Phone & Mobile Broadband

ISPs: 1999: Freeserve 48K Dial-Up > 2005: Wanadoo 1 Meg BB > 2007: Orange 2 Meg BB > 2008: Orange 8 Meg LLU > 2010: Orange 16 Meg LLU > 2011: Orange 20 Meg WBC > 2014: EE 20 Meg WBC > 2020: EE 40 Meg FTTC > 2022:EE 80 Meg FTTC SoGEA > 2025 EE 150 Meg FTTP
JulianP
Established Contributor
Established Contributor

I think so. That's what ChatGPT suggested as well. I tried different APNs. No luck. I keep getting a private IP in the router's interface, either 192. or 10.x. The problem is the EE rep who sold me this had no idea. She said everything is OK... She was absolutely clueless. I think she was actually agency, cause she kept checking with someone else. I have to send the SIM back. 

I tried a simple telnet server with a laptop attached directly to router, no luck. Nothing comes through, of course. 

JulianP
Established Contributor
Established Contributor

I also tried tracert. Lots of EE routers with private addresses in between... Waste of time. 

Tnx for taking the time to reply.

JulianP
Established Contributor
Established Contributor

If you know any other 5G solutions that work server wise, let me know, pls. Tnx

XRaySpeX
EE Community Star
EE Community Star

@JulianP wrote:

The problem is the EE rep who sold me this had no idea. She said everything is OK.


I am ChatGPT 😉 !

Well, running servers on their own kit & having unsolicited access from outside is outside most peeps remit. I would not expect 1st line support or salesmen to be aware of this fact.

If you think I helped please feel free to hit the "Thumbs Up" button below.

To phone EE CS: Dial Freephone +44 800 079 8586 - Option 1 for Home Broadband & Home Phone or Option 2 for Mobile Phone & Mobile Broadband

ISPs: 1999: Freeserve 48K Dial-Up > 2005: Wanadoo 1 Meg BB > 2007: Orange 2 Meg BB > 2008: Orange 8 Meg LLU > 2010: Orange 16 Meg LLU > 2011: Orange 20 Meg WBC > 2014: EE 20 Meg WBC > 2020: EE 40 Meg FTTC > 2022:EE 80 Meg FTTC SoGEA > 2025 EE 150 Meg FTTP
XRaySpeX
EE Community Star
EE Community Star

Not on EE & I believe most other mobile networks employ CGNAT.

If you think I helped please feel free to hit the "Thumbs Up" button below.

To phone EE CS: Dial Freephone +44 800 079 8586 - Option 1 for Home Broadband & Home Phone or Option 2 for Mobile Phone & Mobile Broadband

ISPs: 1999: Freeserve 48K Dial-Up > 2005: Wanadoo 1 Meg BB > 2007: Orange 2 Meg BB > 2008: Orange 8 Meg LLU > 2010: Orange 16 Meg LLU > 2011: Orange 20 Meg WBC > 2014: EE 20 Meg WBC > 2020: EE 40 Meg FTTC > 2022:EE 80 Meg FTTC SoGEA > 2025 EE 150 Meg FTTP
JulianP
Established Contributor
Established Contributor

Hehe. As expected.

 

Running a webserver is a rocket science. Ok... We are all supposed to watch Netflix and Youtube and scroll social nw...  In a dumb fashion. Okay. Employing clueless people in a telecom business. Even the janitor would know how to run a webserver. Hehe