How can I connect to my subnet routers GUI from the internet?

[Drummer1976]

Hi! Thanks in advance for any help!

I need to access my subnet router UI remotely from the internet. I have my primary modem/router set up, while running an ethernet cable to a second router for my subnet. I can easily access the primary router remotely with the usual methods, but have no idea how to access the UI for the subnet router remotely from the internet. The subnet router is a D-Link and does have remote access capabilities. I can access the subnet router from any computer within the network simply by going to the IP and port assigned to it by the primary router, but cannot figure out how to get through the primary router to the subnet routers UI remotely from the internet. Please help! I need access to remotely control my kids access (they are on the subnet) while I am at work!

Thnx in advance!

 

[Drummer1976]

Figured it out. I had to make sure Remote access was enabled on my subnet router. I then had to see what IP the the subnet router was assigned in the primary routers DHCP client list. I then had to forward port 8080 to my subnet routers IP. Now when I type in my primary routers IP with :8080 suffix, it goes straight to my subnet routers UI, from the internet anywhere.

 

[nigelivey]

Always try and avoid port 8080!!!

 

[boosted1g]

So first and foremost never ever use common ports, 8080 is a fairly common port, change it to something you made up that is >10000.

Secondly you better put a very strong password on that subnet router because you are very susceptible to attack by leaving that open.
The much much more secure method is to either VPN or use a remote desktop software that uses SSL (NOT WINDOWS RDP) to gain access to your network, and then modify your subnet router.

 

[Drummer1976]

So first and foremost never ever use common ports, 8080 is a fairly common port, change it to something you made up that is >10000.

Secondly you better put a very strong password on that subnet router because you are very susceptible to attack by leaving that open.
The much much more secure method is to either VPN or use a remote desktop software that uses SSL (NOT WINDOWS RDP) to gain access to your network, and then modify your subnet router.

I am unsure how to use a VPN in this case. I enabled remote access on the primary router, and used a made up port for managing that one >10000. Now I can access the primary UI. I set up a port forward to point to the IP the subnet router has been assigned by the primary in order to access the UI for the subnet router. I tried forwarding many other ports to point to the subnet IP, but when I try to log on remotely is shows 'site cannot be reached'. It only works when I forward port 8080 and point to the subnet routers IP. Why is this?

As well, can you point me in the direction I need to go in order to VPN my way through this?

 

[boosted1g]

You have to match the port forward port and the device's port you are trying to connect with (in this case the subnet router). You cant just change the port in the port forward settings, you also need to change it on the subnet router gui as well.

A better option would be to have separate external and internal ports if primary router has that ability in port forward settings.
Set the external port to the one over 10000 and leave the internal as 8080. This allows you to still use the factory port inside your network (and you might not be able to change it on the subnet router), but still have a unique port for outside your network.

 

[Drummer1976]

Thank you! Just as I was figuring it out I read this, and got it going! I had forgotten to change the default port for remote management on the subnet router to the forwarded port on the primary, so it was sitting on 8080. I selected a different >10000 port number to forward than I used for the primary UI remote access, then set that same port for remote management on the subnet router and sure enough, like you said, I now have access to both UI remotely. As well, I enable visual authentication to my subnet router (a dlink feature) in order to add a layer of security from attack. I saw no option on the primary router to assign a different port for inside and outside network. I can however access both UI's now from within and without the network by using the ports I assigned. Again, thank you!