Routing WAN to LAN services


We are using a private 5G network where a RUTX50 router is connected.
5G connects well. After enabling the traffic rule I have access to the web interface of the modem.
Devices on LAN use modem internal subnet with for the modem.
After accepting everything forward (and input but for other reasons), i can ping the devices behind it, like which is a raspberry pi there just for tests, from the 5G private network core.

However, services like ssh and http are not reachable on the raspberry, and I do not understand why.

Any idea comes to mind ?



By default, the SSH and HTTP ports are closed on Raspberry Pi. Ensure that you enable SSH using the raspi-config command. Additionally, for access to port 80, it needs to be open and configured for a specific function.

Best regards,



Of course the SSH & HTTP works perfectly well when my PC is also on LAN. i have installed apache2 for HTTP and ssh is enabled for all sources.

Hi arthurr,
I guess that both 80 and 22 go to the rutx50 instead of the
LAN side. Could you try to forward e.g. external 8080 and
2222 to 80 and 22 on the raspi?

Timalapse Admin

I try not to use port forwarding, which works, but routing, since my “WAN” address is also private since it’s a private 5G network.
Port forwarding works ok. direct routing : ping, traceroute and tcpping works, but not a simple curl or ssh.

Hi athurr,

do I understand correctly that is the WAN side, and
the LAN side is with being the RasPi?
(if not post send a drawing!)

I think DNAT is the thing you are looking for. You are on (let’s say) and access e.g. on the router and it
translates it to Then the Pi sees your real IP address.

But if 80 and 22 are used to acces the router from the WAN side they are
already used by the router.


I made a mistake,
The WAN address (mob1s1a1) is
The LAN address of the modem is
The LAN address of the raspi is

I can ping, tcpping, udp traceroute from core network (, but I can’t curl or ssh However, if I port forward ports 80 or 22, I can curl or ssh and I’ll go straight to the raspi. But I do not want that and need direct routing because in the end, there will be multiple devices behind the RUTX50 and I need to reach those directly.

Here’s a diagram :

I need pure direct routing, no NAT, no masquerade, no DNAT or SNAT or whatever NAT, just routing, to work.
At the moment, icmp, tcpping and udp traceroute works, but no curl or ssh from

This topic was automatically closed after 15 days. New replies are no longer allowed.