"Home Network" times out. Test shows Remote Connectivity Fails with "Timeout (0) Timeout"

  • @michael-eckhoff Thanks. I see I was overthinking allowing Any port to the Amplifi device in the firewall access rule. I actually haven't had to open ports nor VPN'd into home for over a year. I can see one old firewall rule does allow Any port and logs many sources when used as you pointed out. So it should be no biggy since the port forwarding and initial connection needs to happen first. 🙂

  • @david-lee No problem. You should be a network security guy with your thinking though. 🙂

  • @david-lee I actually have the exact same upstream router. UPnP randomizes the ports, so that won't work with the Peplink as the Peplink Balance One's firewall does not appear to automatically open ports for UPnP forwarded ports.

    First step after pairing is you have to pick a port and set it in the primary AmpliFi AP's web portal and apply changes. Something random above 10k and below 50k is safe. The same port number will be used for both TCP and UDP. Remember this port number for later.

    Next step is to forward that port manually on your Peplink by creating 2 rules (one for TCP and one for UDP) that forward the "single port" you chose from your WAN's inbound address(es), setting the "Server IP Address" to the internal IP address of your primary AmpliFi Access Point. Make sure you remember to forward the same port for both TCP with one rule and UDP with a second rule.

    Then go to the firewall settings and add 2 new inbound rules (one for TCP and one for UDP):

    WAN Connection - Set to "Any" or to your primary WAN
    Protocol: Select TCP for one rule, then create a 2nd identical rule with UDP selected.
    Source: Set both to Any (Any IP will let you connect from anywhere in the world. Any Port is required as outbound ports are always random. There's no security risk in this setting as this just applies to the port number the remote teleport opens up for its outbound connection... for the destination, you're still going to lock it down to only the 1 port you need so as to keep all other ports on your firewall closed).
    Destination: Select Single address and put in the internal IP address of your primary AmpliFi Access Point. Select "Single Port" and specify the port number you chose in the web portal early on.
    Action: Allow
    Event Logging: Enable (at least for now so you can see when it's working).

    Then repeat the above steps to create an identical rule for UDP instead of TCP.

    Make sure both these inbound firewall rules are ABOVE the "default" Any Any Any Any Deny rule.

    Click Apply Changes and everything should start to work the next time you test connecting remotely.
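
The rule layout described in the post above, modelled as an added example that is not part of the original post and is not Peplink or AmpliFi code. It assumes first-match, top-to-bottom rule evaluation (which the ordering advice implies); the IP addresses and port number are constructed placeholders.

```python
# Added example: first-match evaluation of an inbound firewall rule list.
# Addresses and the port number are constructed placeholders, not thread values.
from dataclasses import dataclass
from typing import Optional

AP_IP = "192.168.50.10"   # assumed internal IP of the primary AmpliFi AP
TELEPORT_PORT = 23456     # assumed port chosen in the AmpliFi web portal


@dataclass(frozen=True)
class Rule:
    name: str
    protocol: Optional[str]   # "tcp", "udp", or None for Any
    dst_ip: Optional[str]     # None for Any
    dst_port: Optional[int]   # None for Any
    action: str               # "allow" or "deny"

    def matches(self, protocol: str, dst_ip: str, dst_port: int) -> bool:
        # Source IP and source port are "Any" in every rule here, so they
        # never influence the match; only protocol and destination do.
        return (self.protocol in (None, protocol)
                and self.dst_ip in (None, dst_ip)
                and self.dst_port in (None, dst_port))


def evaluate(rules, protocol, dst_ip, dst_port):
    """Return (action, rule name) of the first matching rule, top to bottom."""
    for rule in rules:
        if rule.matches(protocol, dst_ip, dst_port):
            return rule.action, rule.name
    return "deny", "implicit"


ALLOW_TCP = Rule("teleport-tcp", "tcp", AP_IP, TELEPORT_PORT, "allow")
ALLOW_UDP = Rule("teleport-udp", "udp", AP_IP, TELEPORT_PORT, "allow")
DEFAULT_DENY = Rule("default-deny", None, None, None, "deny")

CORRECT_ORDER = [ALLOW_TCP, ALLOW_UDP, DEFAULT_DENY]
WRONG_ORDER = [DEFAULT_DENY, ALLOW_TCP, ALLOW_UDP]   # allow rules never reached
TCP_ONLY = [ALLOW_TCP, DEFAULT_DENY]                 # UDP rule forgotten

if __name__ == "__main__":
    probes = [("tcp", AP_IP, TELEPORT_PORT), ("udp", AP_IP, TELEPORT_PORT),
              ("tcp", AP_IP, 22), ("tcp", "192.168.50.20", TELEPORT_PORT)]
    for label, rules in [("correct", CORRECT_ORDER), ("wrong order", WRONG_ORDER),
                         ("tcp only", TCP_ONLY)]:
        for probe in probes:
            print(f"{label:12} {probe} -> {evaluate(rules, *probe)}")
```

With the allow rules below the default deny, or with the UDP rule missing, the same traffic is dropped, which is the failure the event logging step helps spot.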

  • @bee-cee Thanks. I do have everything working.

    Funny enough Peplink just released a new bug fix build to firmware 7.1 yesterday to fix the problem of not being able to reorder/reprioritize firewall rules (Peplink announcement). With the bug, you could drag/change firewall rule order, but there was no way to apply/save the new order.

    That bug started when I updated firmware a few weeks back and only confused my firewall setup testing for Teleport.

  • @bee-cee said in "Home Network" times out. Test shows Remote Connectivity Fails with "Timeout (0) Timeout":

    to pick a port and set it in the primary AmpliFi AP's web portal and apply changes

    Hi @Bee-Cee can you please explain how to set the port on the primary AmpliFi AP's web portal? I have been going through for hours but can't find the options to set the port. Please help

  • @sudomo-moedjono Hi, port can be specified in AmpliFi router's web portal after Teleport has been paired to it.


  • @ubnt-karlis Hi thank you for your reply, I managed to open the web portal! 🙂
