1to1 NAT nor port forwarding working properly from WAN to LAN on single secondary IP
I have a 1335 that works very well and has responded appropriately for all other rules, on any of the other IPs, to all of their respective devices, whether 1to1 NAT or port forward. The LAN side of our network is a 10.10.1.x/24 network. The ethernet interface is assigned one of 5 static IPs, and most of the services are routed through this address. I have the other 4 IP addresses set as secondary IP interface addresses. We got two new pieces of different equipment. I decided to isolate one of them on a secondary IP because there are several of those devices running the same services. I simply used the "public" zone, created a port forwarding rule, pointed the appropriate ports through, and used the secondary IP .220 for the rule. All is well and it functions perfectly. The other device has become my daily nightmare. I did exactly the same thing using the secondary IP .221 for the second device, and while port 80, 443, 123, all show open and work correctly, the other ports, 8082, and a range from 16390-16393 show closed, and the device doesn't send audio back and forth, but the web interface and cert ports work fine. I have deleted the port forward and tried 1to1 NAT in and outbound, inbound only, tried recreating the port forward, tried an outright allow, and still am unable to use the new device properly. On the LAN this machine works the way it should, connects, certs, and carries audio. From the WAN side, you can connect to the web interface, it asks for your mic and speaker, hooks up, then sends no audio (should be two way audio). I have double and triple checked UDP and TCP ports and protocols, still nothing. I used wire shark, and found that many of the ports being used were not listed, so I altered the rules from the WAN to allow "any" port. Still no luck. Used a port forward with the "any" "any" setup, nothing. Added a UDP forwarding helper, nothing. I am stuck, I don't know why I can't get audio to or from the device. I have elevated all of the rules for this device in the zone above everything but the VPN tunnels. Any ideas or help are very appreciated.