RedCat962 wrote: ↑
Sat Dec 09, 2017 3:04 pm
Could you please describe in detail how to do this:
epoch1970 wrote: ↑
Fri Dec 08, 2017 9:32 pm
You will be able to do this: "WAN IP port 12345/tcp -> ESP8266 port 80/tcp, via Pi's eth0"
I'm afraid I can't do that job for you, it depends on your hardware and your configuration in the Pi. But in general:
First you should check if your ISP router supports handling multiple subnets and has an option to configure static routes. If the GUI and documentation doesn't mention static routing, you can forget that option.
If it looks ok then in the Pi you have to remove one of the lines you've added to your iptables configuration. The one with MASQUERADE in it. Reboot to make sure the rule is gone. (Actually, just enabling routing "echo 1 > /proc/sys/net/ipv4/ip_forward" and no firewall rules at all in the Pi would be simpler in the beginning)
From another computer in the LAN, add a temporary static route and try pinging the device. If that machine were a linux machine, you would do:
"sudo route add -net 192.168.100.0/24 gw 192.168.1.100" and then "ping 192.168.100.xxx" (where xxx can be .100 for the wlan0 interface of the Pi and .??? for the ESP8266)
Verify pinging also goes across when pinging LAN targets from within WLAN: "ping 192.168.1.xxx" (where xxx can be .100 for the Pi's eth0 interface and .??? for that PC, or the router)
If that part doesn't work well, check the Pi is routing properly, see if there isn't a firewall rule blocking communication.
If that part works, go to the router and add the static route equivalent to "net 192.168.100.0/24 gateway 192.168.1.100" in your router GUI.
If you have the possibility to ping hosts from the router GUI, try to ping the ESP8266 by its own address (192.168.100.xxx).
If that doesn't work, try rebooting the router, and then check your documentation.
Once this works, verify the ESP8266 still has access to the Internet. Some routers will gladly NAT any network address that reaches them via the internal interface, some others will only accept source addresses belonging to the LAN (192.168.1.0/24) unless you also authorise other networks (192.168.100.0/24)
Lastly you'll need to add a port forward to the ESP8266 in the router, so that you can get its web pages from the Internet. Make sure that machine has a fixed address, otherwise the port forward could suddenly cease working.
(If you have a dhcp server in the Pi, try to make sure it does not compete with the one in the Router. If some LAN machines suddenly attach themselves to 192.168.100.0/24, you'll need to take care of that.)