Failover to same static ip host and with tow stsati

hi. i am using dvr as host in with static ip,
need to get from wan public static ip and when failover should be mobile uplink by public static ip.
what is the best sets to make it works?
i can use dmz in mobile and port farowarding at wan router.

Hello,

Could you please clarify what you are trying to do or achieve?

Best regards,

hi,
i need backup failover.
access to dvr main conection by wan from adsl router. (have static public ip “A”).

and when adsl down, need to get dvr by mobile connection by another static public ip from mobile comapny.( sim static public ip “B”).

at the and : backup failover bitwin internal networks 192.168.1.x adsl net to 10.0.0.x mobile net.

the dvr set to 192.168.1.50 port 8010 and port 91.

Hi GB007,

try to explain what you want to achieve,
in a way that we can understand what you mean,
and without a whole lot of typing errors.

Then somebody might be willing to help you!

You’re talking about “static public IP” and then you
mention 192.168.1.x and 10.0.0.x - totally unclear.

Regards,
Timelapse Admin

hi,

i have:
RUT200,

NVR 192.168.1.50 (internal static ip)

port 8010
port 91

ADSL router D.gateway 192.168.1.1

have also 2 static wan’s public ip’s:
1 for the adsl router (main isp company)
1 for the sim apn mobile (backup 3g)

get access to the nvr by the wan port throw the adsl router, but when it fails, i can’t get access by sim mobile public ip.

what should i do ?

Hello,

As TimelapseSystems mentioned, your message is a bit unclear. Please provide a clear description of the issue and your intentions. Additionally, it would help to clarify situation if you provided a network map. Providing a network map would make it easier to understand the information you’re sharing.

Best regards,

Most likely the “public IP” provided by your SIM is behind a CGNAT so it won’t be directly accessible. You should look into Tailscale, Wireguard, ZeroTier, or some other VPN type to access your NVR via the backup connection. Tailscale is probably the easiest to set up.

hi, thanks.

Schema attached.

i shut the wan interface , then mobile link turns to up, but without the ability to get access.

maybe worng apn parameters, or
there is an option to mask and make an internal route rule ?

[backup access by failover adsl as master and mobile as slave]

(https://1drv.ms/i/c/d5c34d4e25a79aca/ETZs-sSmNilBktYzcq50dwAB5XJ_f3jtvHvNc2NeQLUWMg)

I will say this part again:

You are probably behind a CGNAT. CGNAT does not allow direct inbound connections.

You can test this by inspecting the IP address being assigned to your WWAN/mobiXXX interface on the RUT2. And compare this with the IP reported by visiting https://checkip.amazonaws.com from a device on the LAN side of your RUT.

If the IPs are different, you are behind a NAT.

Even if you don’t have a CGNAT issue, you do have routing problems.

In the attached diagram, I hope the ‘10.0.50.91’ address is a typo and should read ‘10.0.0.91’, otherwise that group of addresses would probably only work in a class B network, ie with a netmask of 255.255.0.0, which would be horrendously inefficient.

Even without that your set up has a routing policy problem. Your DVR with an address of 10.0.0.91 has a gateway of 10.0.0.38.

So when an external request comes from 54.21.68.6x via 10.0.0.250, the DVR tries to respond through its programmed gateway 10.0.0.38.

To resolve this I would not have your adsl router the RUT200 and the DVR in a star topology, but with the RUT200 between the DVR and the adsl router, so:
DVR:
LAN: 192.168.2.2

RUT200:
LAN: 192.168.2.1
Wired WAN: 10.0.0.250
Mobile: 54.21.68.6X
Forward WAN Ports 8010 & 91 to 192.168.2.2

ADSL:
LAN: 10.0.0.38
WAN: 212.213.243.3Y
Forward WAN Ports 8010 & 91 to 10.0.0.250

I would just mention that this will expose your DVR to the internet, which creates its own security risks and I would prefer to set up some VPN tunnels, but that is a separate subject.
You will also need to think about your firewall setup as potentially, you can have external traffic coming through the RUT200 and appearing on the LAN side of the ADSL router.

hi, thank you, i will check it.

hi,

the addres that i mention, is 10.0.0.50:91

port 91

for web acces

This topic was automatically closed after 15 days. New replies are no longer allowed.