Skip to main content

I have forwarded port 22 (ssh) on my new g34, and it seems to work well for a time. I am able to establish an ssh connection from inside or outside my network using my public ip (ssh user@publicip) However, after a seemingly random amount of time, I am no longer able to connect to the forwarded port using my public IP from inside the LAN. Connections from outside the LAN continue to work fine (phone on 4g, other networks, etc...) and connections made using the local ip inside the LAN work fine. The issue only occurs when devices attempt to connect via my public IP while connected to my LAN.

The same issue occurs on all forwarded ports. They work for a time, then stop. The biggest issues are caused by “port 80” being blocked. This prevents me from being able to access the website I host from home while using my computers at home. This is a major problem for me because it makes it difficult properly manage and maintain the website.

Using the local IP when at home is not a sufficient solution in this case because it requires setting up a separate web server just to handle local traffic, which then needs to be maintained to ensure it’s working the same as the public server.

After some further research, it looks like the issue i’m having is random failures in NAT loopback. It’s been reported on this site that surfboard products don’t support NAT loopback. That doesn’t make any sense though, because it works fine for a period of time after rebooting the gateway, and it worked fine on my old sbg6950ac2


To anyone who finds this with a similar issue, I was able to find a work around by using pi-hole. There is a local DNS option that will let you point service.domain.com to the local IP of your server. If everything on your local network is served DNS from the pi-hole, then they’ll get your local IP instead of your WAN IP at the DNS level, thus circumventing the issue. 


 If you can't access a forwarded port from the LAN, ensure the router's port forwarding settings are correct and the destination device's firewall allows the traffic.  cheap cable and internet packages Verify the internal IP address is correct and static. Check the service is listening on the correct port and confirm connectivity with internal devices. Restart the router and device if necessary.