Dear All

i have 2 subnets set up 192.168.10.x and 192.168.15.x for example

i have a server on subnet 192.168.10.x with ip address 192.168.10.10 for example

did port forwarding to it so i can connect to it by typing http://service.domain.com:4567 from outside and it works fine

I do not want the subnets to see each other internally - one is the "secure internal" subnet and the other one is guest subnet so from within guest network i dont want to be able to see any devices on the main subnet, but would like guests to be able to type http://service.domain.com:4567 and have access as if they were outside

at the moment all i get is page can not be displayed...

by the way - have multi-static IP config and the router is Vigor 2850

is this achievable?

Does the DNS server give the local or public IP when queried internally?

That should work I think, you'd need to have inter-lan routing between the subnets enabled potentially and also make sure you're on the newest 3.6.4 firmware.

but if i do inter lan routing, wouldn't I open access to local ip range?

i want both lans to work as if they were separate networks connected to different IP's and having a link via internet only (sort of) so i can only access forwarded

ports to certain internal addresses

i hope it makes sense

I even tried to do http://ipaddress:4567 but still get page can not be displayed so it is more a routing issue by the looks of it

If the DNS resolves as an internal address with your server then yes, you'd need to use inter-lan routing, if they resolve as the public IP internally then yes, that should work without inter-LAN routing enabled and it would indicate some problem with NAT loopback.

but how would i troubleshoot NAT loopback?...

make sure Join NAT IP Pool is unticked for the alias IP if that's what you're doing, make sure that address is resolving as the public IP when doing a DNS lookup from the client PCs you're testing with.

update the firmware, if that doesn't fix it then report it as a bug to suppport