Configure Port Forwarding on Sierra Wireless Modems

You may need to change the following settings to allow the Public IP address assigned to you by the carrier to be used by multiple attached devices. The settings are labeled as "Public" mode and "Private" mode in the modem LAN settings. Public Mode will provide the carrier assigned IP settings directly to an attached client device though the modem Ethernet port transparently. This mode will only support one Ethernet client device and disables all routing and firewall functionality on the modem.

In the "Private" mode the modem will provide routing and address translation between the carrier assigned IP settings and a private LAN attached to the modem. By default, when this mode is active, all inbound WAN to LAN traffic is blocked and DHCP is enabled with a network of 192.168.13.0/24 providing a primary gateway for the LAN of 192.168.31.31 allowing a possible 253 usable LAN addresses. A switch can be connected to the modem to accommodate the desired number of devices on the LAN.




Access to devices on the modem LAN from the carrier assigned IP address is accomplished by using port forwarding. Port forwarding uses the carrier assigned IP address plus a designated port number to access a particular device on the LAN. Port numbers are registered with the Internet Assigned Numbers Authority and range from 0 to 49000. Many well-known port numbers used for services include 80 for HTTP, 21 for FTP, 443 for SSL and 502 for Mod-bus TCP. The port numbers in the modem are configurable and will pass both TCP and UDP protocols when enabled.

The choice of port number is usually based on the software application used to access the end device. A mobile terminated static IP provided by the carrier is recommended for port forwarding applications. Some carriers restrict predefined port number ranges on their network, therefore, it is suggested you check with the carrier before provisioning service.

In the example below, a mobile terminated public address of 166.111.111.111 is assigned to the modem by the carrier. Three devices on the LAN of the modem need to be accessed 192.168.13.100 @ port 502, 192.168.13.101@ port 8080 and 192.168.13.102@ port 4001. Critical: please note LAN devices MUST have a default gateway configured that points back to the modem's LAN IP address (192.168.13.31 in this case).



AceManager Web 
(AceManager classic for windows will NOT work with GX/ES/LS series modems)
  1. Connect to the modem with Ace Manager Web
  2. Navigate to the LAN tab. 
  3. From the DHCP Addressing section, choose the drop down box on the Host Connection Mode and select All Hosts Use Private IP
  4. Apply the change to the modem

  1. Navigate to the Security tab> Port Forwarding
  2. Set DMZ Enabled to Disable and Port Forwarding to Enable
  3. Select the Add More button-> fill in the Public Start Port and Public End Port. If only one port is being forwarded, enter 0 for the Public End Port
  4. Enter the Host IP (this is the modem LAN IP address on the device you are forwarding to)
  5. Enter the Private Port (this is the modem LAN port number address on the device you are forwarding to)
  6. Continue to select the Add More button for each entry required
  7. When finished click Apply and reboot the modem

The modem will now pass connections from the entered Public Port information and route it to the designated private LAN device. Because of the difference in Ethernet chip sets and possible synchronization issues, we recommend to "Hard code" the LAN IP settings in the Ethernet settings of client devices.