I'm attempting to set up a router to be used as the WAN modem (TalkTalk Wi-Fi Hub 192.168.1.1), which has a single internal router (the RT-AC51U) as a client. My server and other devices are connected to this internal router (WAN: 192.168.1.10, LAN: 10.0.0.1).
I've added port forwarding rules on the WAN router to forward 22 (ssh) to 8022, 80 (http) to 8000, and 443 (https) to 8443 to the internal router at 192.168.1.10.
The internal router also has forwarding rules to forward traffic from 8022 to 22, 8000 to 8000 (a WordPress Docker container is running on 8000), and 8443 to 443 to the server at 10.0.0.100.
I can access HTTP and SSH on the internal network, so the services are running. I can access SSH externally, but when accessing HTTP, it's changing the port in the URL to 8000 and timing out.
I can see in the logs of RT-AC51U that traffic is still being blocked, though it doesn't seem to correspond to when I'm making those requests.
un 20 00:26:51 kernel: DROP IN=vlan2 OUT= MAC=[REMOVED] SRC=192.168.1.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF OPT (94040000) PROTO=2
RT-AC51U routing table:
Destination      Gateway      Genmask          Flags  Metric  Ref  Use  Type  Iface
192.168.1.1      *            255.255.255.255  UH     0       0    0    WAN0  vlan2
239.255.255.250  *            255.255.255.255  UH     0       0    0    LAN   br0
10.0.0.0         *            255.255.255.0    U      0       0    0    LAN   br0
192.168.1.0      *            255.255.255.0    U      0       0    0    WAN0  vlan2
default          192.168.1.1  0.0.0.0          UG     0       0    0    WAN0  vlan2
RT-AC51U port forwarding:
Destination  Proto.  Port range  Redirect to  Local port
ALL          TCP     8000        10.0.0.100   8000
ALL          UDP     8000        10.0.0.100   8000
ALL          TCP     8443        10.0.0.100   443
ALL          UDP     8443        10.0.0.100   443
ALL          TCP     8022        10.0.0.100   22
ALL          UDP     8022        10.0.0.100   22
TalkTalk Hub port forwarding:
Service       Protocol   External host  Internal host  External Port  Internal Port  Options
HTTP Server   TCP - UDP  *              192.168.1.10   80             8000
HTTPS Server  TCP - UDP  *              192.168.1.10   443            8443
SSH Server    TCP        *              192.168.1.10   22             8022
I'm not sure what I'm getting wrong.
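The two forwarding tables above, chained together as an added example (not part of the original post); the function and variable names are illustrative. It traces which server port an internet-facing port reaches through both routers, including a request to port 8000, the port the post says the URL changes to.

```python
# Added example: rule tables transcribed from the post; all names are illustrative.
from typing import NamedTuple

class Rule(NamedTuple):
    protos: frozenset  # protocols the rule matches
    ext_port: int      # port the router listens on
    host: str          # host the traffic is redirected to
    int_port: int      # port on that host

def rule(protos, ext_port, host, int_port):
    return Rule(frozenset(protos.split("/")), ext_port, host, int_port)

# TalkTalk hub (internet-facing), as listed in the post.
HUB = [rule("TCP/UDP", 80, "192.168.1.10", 8000),
       rule("TCP/UDP", 443, "192.168.1.10", 8443),
       rule("TCP", 22, "192.168.1.10", 8022)]
# RT-AC51U (WAN address 192.168.1.10), as listed in the post.
INNER = [rule("TCP/UDP", 8000, "10.0.0.100", 8000),
         rule("TCP/UDP", 8443, "10.0.0.100", 443),
         rule("TCP/UDP", 8022, "10.0.0.100", 22)]
# Each hop: (name, address it is reached at, or None if internet-facing, rules)
HOPS = [("TalkTalk hub", None, HUB), ("RT-AC51U", "192.168.1.10", INNER)]

def trace(proto, port):
    """Follow a connection arriving from the internet on proto/port.

    Returns (path, final): final is (host, port) on the server, or None
    when some hop has no matching forwarding rule.
    """
    path, host = [], None
    for name, addr, rules in HOPS:
        if addr is not None and host != addr:
            return path, None  # previous hop did not forward to this router
        match = next((r for r in rules
                      if proto in r.protos and r.ext_port == port), None)
        if match is None:
            path.append(f"{name}: no rule for {proto}/{port}")
            return path, None
        path.append(f"{name}: {proto}/{port} -> {match.host}:{match.int_port}")
        host, port = match.host, match.int_port
    return path, (host, port)

if __name__ == "__main__":
    for proto, port in [("TCP", 22), ("TCP", 80), ("TCP", 443), ("TCP", 8000)]:
        path, final = trace(proto, port)
        print(f"internet {proto}/{port}: {final if final else 'not forwarded'}")
        for step in path:
            print("   ", step)
```

With the tables as posted, external ports 22, 80 and 443 each resolve to the server, while external port 8000 has no rule on the TalkTalk hub.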