Reply
New Member
Posts: 2
Registered: ‎07-17-2017

White listing access to an external IP address

I need to access an external IP address.  I cannot connect to it from other networks (such as my phone's 4G connection), but as soon as I am behind the ER8 I cannot reach it.


Thanks for your help and sorry for such a basic quetstion. 

Senior Member
Posts: 5,542
Registered: ‎01-04-2017
Kudos: 765
Solutions: 272

Re: White listing access to an external IP address

Post your config

show configuration | cat

Post your version

Show version 
Highlighted
New Member
Posts: 2
Registered: ‎07-17-2017

Re: White listing access to an external IP address

firewall { all-ping enable broadcast-ping disable group { } ipv6-receive-redirects disable ipv6-src-route disable ip-src-route disable log-martians enable name WAN_IN { default-action drop description "WAN to internal" rule 10 { action accept description "Allow established/related" log disable protocol all state { established enable related enable } } rule 20 { action drop description "Drop invalid state" state { invalid enable } } } name WAN_LOCAL { default-action drop description "WAN to router" rule 10 { action accept description "Allow established/related" log disable protocol all state { established enable related enable } } rule 20 { action drop description "Drop invalid state" state { invalid enable } } } receive-redirects disable send-redirects enable source-validation disable syn-cookies enable } interfaces { ethernet eth0 { address dhcp description Internet duplex auto firewall { in { } local { name WAN_LOCAL } out { } } speed auto } ethernet eth1 { address 192.168.1.1/24 description Local duplex auto speed auto } ethernet eth2 { address 192.168.2.1/24 description "Local 2" disable duplex auto speed auto } ethernet eth3 { address 98.187.231.50/28 description "Cox WAN IN" disable duplex auto speed auto } ethernet eth4 { address 192.168.3.1/24 description "Cox LAN IN" disable duplex auto speed auto } ethernet eth5 { duplex auto speed auto } ethernet eth6 { duplex auto speed auto } ethernet eth7 { duplex auto speed auto } loopback lo { } } port-forward { auto-firewall enable hairpin-nat disable wan-interface eth0 } service { dhcp-server { disabled false hostfile-update disable shared-network-name COXDHCP { subnet 192.168.3.0/25 { default-router 192.168.3.1 dns-server 8.8.4.4 dns-server 8.8.8.8 start 192.168.3.2 { stop 192.168.3.29 } } } shared-network-name LAN1 { authoritative enable subnet 192.168.1.0/24 { default-router 192.168.1.1 dns-server 192.168.1.1 lease 86400 start 192.168.1.38 { stop 192.168.1.243 } static-mapping AP-Northside-East { ip-address 192.168.1.254 mac-address 24:a4:3c:50:61:fe } static-mapping AP-Northside-West { ip-address 192.168.1.253 mac-address 24:a4:3c:50:62:24 } static-mapping AP-Southside-East { ip-address 192.168.1.252 mac-address 24:a4:3c:50:62:52 } static-mapping AP-Southside-West { ip-address 192.168.1.251 mac-address 24:a4:3c:50:62:28 } static-mapping BrotherMFC-Bullpen { ip-address 192.168.1.235 mac-address 00:80:92:cb:81:70 } static-mapping Controller-HW { ip-address 192.168.1.250 mac-address 34:64:a9:72:7a:fe } static-mapping CrimePreventionBox { ip-address 192.168.1.30 mac-address 00:08:f8:02:84:ce } static-mapping Dustin { ip-address 192.168.1.37 mac-address b8:ca:3a:8c:35:39 } static-mapping Lauderdale { ip-address 192.168.1.33 mac-address 50:9A:4C:4A:74:80 } static-mapping LobbyScreen { ip-address 192.168.1.202 mac-address b8:27:eb:0e:1b:51 } static-mapping SueDesktop { ip-address 192.168.1.81 mac-address 64:00:6a:96:70:db } static-mapping US-48-A { ip-address 192.168.1.248 mac-address 78:8a:20:09:b2:75 } static-mapping US-48-B { ip-address 192.168.1.249 mac-address 78:8a:20:09:b1:dc } } } shared-network-name LAN2 { authoritative enable subnet 192.168.2.0/24 { default-router 192.168.2.1 dns-server 192.168.2.1 lease 86400 start 192.168.2.38 { stop 192.168.2.243 } } } use-dnsmasq disable } dns { forwarding { cache-size 150 listen-on eth1 listen-on eth2 } } gui { http-port 80 https-port 443 older-ciphers enable } nat { rule 5010 { description "masquerade for WAN" outbound-interface eth0 type masquerade } } ssh { port 22 protocol-version v2 } unms { disable } upnp { listen-on eth1 { outbound-interface eth0 } } } system { gateway-address 10.47.40.1 host-name ubnt login { user dylan { authentication { encrypted-password **************** plaintext-password **************** } full-name "Dylan Faraone" level admin } user ubnt { authentication { encrypted-password **************** plaintext-password **************** } full-name "" level admin } } name-server 209.251.129.4 name-server 8.8.8.8 ntp { server 0.ubnt.pool.ntp.org { } server 1.ubnt.pool.ntp.org { } server 2.ubnt.pool.ntp.org { } server 3.ubnt.pool.ntp.org { } } syslog { global { facility all { level notice } facility protocols { level debug } } } time-zone UTC traffic-analysis { custom-category Entertainment-Video { name Netflix } dpi disable export disable } } Version: v1.9.7+hotfix.4 Build ID: 5024021 Build on: 10/05/17 05:33 Copyright: 2012-2017 Ubiquiti Networks, Inc. HW model: EdgeRouter 8-Port HW S/N: F09FC2197C7F Uptime: 18:01:24 up 6 days, 16:42, 2 users, load average: 0.32, 0.31, 0. 28
Reply