Problems with remote access

Tbh I didn’t want to throw my computer out of the window until I started messing with port forwarding.

I detailed the issues I’m facing here: Public DuckDNS domain is not loading

Open Port Checker says my port is not opened. But I did the port forward in my eero router.

I have a Cogeco Modem behind my router (CODA-4589)
Basically, my setup is
CODA Modem → Eero Router Mesh → Unmanaged Switch = CODA Modem = Eero Router = Home Assistant

Am I supposed to do the port forwarding in Eero or in the CODA modem?
I did it in Eero Router but it’s not working.
So I tried doing it in the CODA modem instead and I got the error “Local IP isn’t in LAN IP address subnet”

Any help would be greatly appreciated before I throw my computer out of the window for real :stuck_out_tongue:

A brief look at the specs of those Eero Devices tells me, that those Eero devices don’t have a dedicated WAN Port. Thus I am wondering how

CODA Modem → Eero Router Mesh → Unmanaged Switch → Devices

can work with the port forwarding you have in mind.

With the above topology you need two port forwardings:

  1. CODA Modem → Eero Router
  2. Eero Router → Devices

As far as I can see the Eero Router doesn’t offer port forwardings.

I would change the network topology to:

CODA Modem → Unmanaged Switch → Devices

where your LAN devices including the Eero Router Mesh are getting their LAN IP addresses directly from the CODA Modem’s DHCP Server (set static ip’s for your devices at the modem side as needed).

With the above and the HA device directly (or through the unmanaged switch) connected to the CODA Modem the port forwarding to it should work.

I have the Eero Pro 6 Mesh, the main router has 2 ethernet ports. The first port is my CODA Modem and the second port is my unmanaged switch. I just bought the Eero for $800 it has Wifi 6 and it’s the best mesh so I would really like to continue using it.

The Eero does have port forwarding, here’s my config:

According to this guide my setup seems to be fine (modem → eero → switch) Ideal Setup for Cogeco Internet and Mesh – The Nears

I continued to read stuff on google, and if I understand correctly my issue is “Double NAT” because the CODA Modem also acts as a router. I haven’t found how to set it in bridge mode (could be blocked by ISP) so I went ahead and set up IP Passthrough as described here: How to use IP Passthrough for Hitron CGNM-2250
After applying the change I’m not able to access anymore (which was the CODA Modem admin panel) but it didn’t fix the duckdns issue

So if I am correct, with IP Passthrough I shouldn’t have to mess with port forwarding in the CODA Modem anymore, and I should use only the Eero Router for port forwarding (which was already configured)

I changed forwarded ports 80 and 443 to 8123 and for the first time I can load my duckdns URL! The solution was IP passthrough

… is relative and depends on ones individual needs.

However, does the Eero has a dedicated WAN port? If yes that would make it kind of easy to get the port fowarding to the HA instance working.

Bridge mode is set through your ISP. Ask them whether they can/are willing to configure the connection used in bridged mode. Its on their side of the configuration. But then again, the Eero needs a dedicated WAN port which connects to the CODA modem.

If your ISP is not willing to put your DOCSIS into bridge mode, you can set an IP address as DMZ (which will disable all firewall rules, routings etc.). Then configure the WAN port of the Eero to that DMZ’d IP address. This way the modem works in a kind of quasi bridge just forwarding all ingres/egres traffic to/from your Eero without any intervention. Note that you have to set firewall rules, routing tables etc. at the Eero with this kind of configuration. But again, for this to work the Eero has to have a dedicated WAN port. And still, the port forwardings would be:

CODA Modem → Eero Router
Eero Router → Devices
1 Like

Is DMZ the same as IP Passthrough? I used the later because Bridge mode is apparently not an option with Cogeco

There are some cases where your Internet Provider will not allow you to put the modem into bridge mode. Usually this is because they are actually using that yellow private network to deliver additional services to you. In the case of Cogeco, that yellow network actually gets transmitted over the coax cables in your house using a technology called MoCA to deliver TIVO services. If you turn that off, your Tivo stops working which is probably a bad thing. Instead your modem may have a feature called “IP Passthrough” which lets you keep the router enabled, but at the same time passes through a Public IP address to your mesh router. It’s the best of both worlds, if your modem supports it.

Data tells me Eero is the best Wifi 6 Tri-Band Mesh but to each their own preference! :stuck_out_tongue:

Thanks for your help!

No: What is a DMZ Network?

As described above it can be used to basically cancel all firewall rules, routings etc. for a specific (local) ip address at the modem’s side and forward all traffic which is routed through it unfiltered in and out.
But you need a gateway router connected to it with that DMZ’d ip address on the public (WAN) side! You have to do the firewalling, the routings etc. at the gateway router’s side. The modem itself just works as a dumb device forwarding the traffic which goes in and out and nothing more.

But still not answered, has the Eero a public (WAN) port which you can assign a different IP address to than to the local (LAN) side?

If you’re forwarding the public port 443 then you should be testing that port, not port 8123

Looking at these, shouldn’t you check port 443 instead of 8123, from external?

Maybe I missed something.

Edit: Oh, what Tinkerer said above.