I have the Meraki MX67 Security appliance and I configured a port forwarding rule to allow a specific port to go to a specific client IP address. But I am unable to access this client remotely. When I am using the internal LAN IP and port number, it works. But when I try my WAN IP and Port number, it just spins and finally times out. I don't know what the issue is. This is my first go with Meraki products and I thought it would be easier and more secure than off the store items, but apparently its not. I tried setting up a Layer 3 rule, but that didn't work either. Then I tried a 1:1 NAT rule, but that didn't solve it either. I have been reading thru all the different pages that come up when I google this.
Hopefully someone here can tell me what I need to do to get this port open so I can access my device remotely.
Thanks!
What is your WAN IP address? Does it look like 100.x.x.x?
If so, you might be behind CG-NAT
Yes my WAN IP looks like that. What is CG-NAT?
CG-NAT (Carrier Grade NAT) is when instead of giving you a true Public IP address, the ISP has given you an 'private IP'.
It allows the ISP to NAT multiple customer's onto a single Public IP address.
One of the limitations of this is that end customer's cannot perform port-forwarding, as they do not have a dedicated Public IP address for their service.
You will need to contact the ISP to request a static public IP be assigned directly to you. (This may require additional costs and will require an outage of some length during the transition).
A longer but better explanation of CG-NAT can be found at the following link
What is Carrier Grade NAT (draytek.co.uk)
If the device you are connection to is a Windows device have you set a remote device scope in your Windows firewall?
It is a Zimaboard that runs CasaOS. I am trying to set up a little automation server that I can access remotely.