I've just updated the FW on three 2820N to 3.3.3.

In all other previous firmware I used, I could utilise the WAN port forwards both from the local network and from out on the Internet. For example, if my public IP was 11.22.33.44, and port forward 55525 was set to forward to private IP 192.168.0.50:25, then 11.22.33.44:55525 would work from either a PC sat behind the router, or a PC out on the Internet. (I'd use rDNS to map something like dsl.mydomain.co.uk onto the public IP address)

Since I've gone to 3.3.3 this no longer works. I can ping the public IP fine from the local network, but not access any of the port forwards. Publically, the port forwards still work just fine though (so proving they themselves are not an issue). Using a VPN is not an option.

Does anyone know what has changed in 3.3.3 that would cause this? Is there anything I can do to overcome it?

Thanks

After liasing with Draytek UK support, I've narrowed this down to a bug in 3.3.3 where "NAT loopback" (as I should have described it in my original post!) breaks when you enable IP routing for an IP address block (in my case just a small /8 block). As described in: http://www.draytek.co.uk/support/kb_vigor_2ndsubnet.html

NAT loopback works perfectly under 3.3.3 (but not 3.3.2.1) if you only have a single IP address.

Hope this helps anyone else having this problem - can't imagine me and my clients are the only people using 3.3.3, a block of IPs, and NAT loopback![/url]

Hmm I just posted a question about 3.3.4 with exactly those symptoms. Think I'll contact Draytek Support.

Thanks for letting us know it continues to be an issue in 3.3.4.

It's a shame that they broke it in 3.3.2 or 3.3.3, and haven't yet fixed something that was working, when it's been brought to the attention of Draytek support quite some time ago.

This problem is causing me and my clients significant issues.

Same issue with 3.3.4 here.

NAT loopback is fine with 3.3.3

Using a /29 block of statics.

jamesy

...but not with 3.3.3 if using WAN IP alias also.