How to connect to SUN2000 from DD-WRT


The Huawei SUN2000 inverter has a build-in/internal WiFi interface (SSID beggining with SUN2000-<serialnumber>) which is exposing a Modbus TCP port (502). Using this connection you can obtain inverter data in the realtime and eg. collect it for your own purposes.

Huawei Smart Dongle-WLAN-FE is also able to expose this Modbus TCP connection but for the time of writing this post – the firmware with this capability is only available upon e-mail request from the Huawei’s support.

If you for some reason want to connect to the Huawei SUN2000 inverter “the old/classic” way using the internal WiFi, and moreover you want to do it using DD-WRT then this article may be useful to you.

The hardware

For my testing purposes I have a spare TP-LINK TL-WR740N wireless router which I was planing to use to connect to the inverter…

It has the ability to setup a port forwarding:

The SUN2000 internal WiFi act as a separate network with it’s own DHCP server. It was probably planned for initial configuration from the smartphone in mind. You cannot just bridge the WiFi into your home network. Moreover only one WiFi client is able to use the inverter at the same time.

I thought that it will be sufficient to connect to the inverter and setup a TCP port 502 forwarding to be able to connect to the inverter from my LAN using this TP-LINK router.

It was not so easy!

First of all the inverter seems to talk only to a client which was asking for a DHCP address, and furthermore it is not answering to other routed host addresses, it probably also has a TTL detection.

So even when I was successfully connected to the inverter (and ping from the router to inverter was working fine) the port forwarding method from the official software was not working.

I decided to search for some alternative software and DD-WRT comes to my mind first as the quick and easy solution. Fortunately the router is supported and has a the following wiki page:

According to the above it should work with mine, which has the following hardware and software revisions:

Few moments later I have a working DD-WRT in my TP-LINK 🙂
Tip: I had to disable the DHCP server on the LAN interface because it is enabled by default.

Initial configuration

I needed to connect to the inverter as a WiFi client and obtain an address from a DHCP, so I set a WAN port to the wlan0:

In the Wireless/Basic menu I set the Wireless Mode to Client and entered the SSID of the inverter:

In the Wireless/Security menu I set the following security options:

Default password is Changeme as you can see in the above image, but I strong urge you to change it for the security reasons.

Then in Setup/Basic Setup I selected ‘Automatic configuration – DHCP’ for the WAN Connection Type.

After this config the router was able to connect to the inverter which was visible here in the Status/Wireless:

And also in the Status/WAN, where I can see an address obtained from SUN2000 internal DHCP server:

I also set the Operating Mode as Router in the Setup/Advanced Routing:

The next step was to configure NAT for the 502 TCP port to be able to connect from the LAN to the inverter. The DD-WRT web interface also has the port forwarding setup similar as the original software:

But it was not working for the same reasons as described above…

Final configuration

Fortunately the router can be accessed from SSH or Telnet and the iptables command is available 🙂

With this in mind it was very easy to create a two NAT rules from the CLI:

So I’ve typed:

iptables -I PREROUTING -t nat -p tcp -d --dport 502 -j DNAT --to-destination
iptables -I POSTROUTING -t nat -d -s 10/8 -p tcp --dport 502 -j SNAT --to

The POSTROUTING/SNAT rule is the most important as it “fools” inverter that the routed packets comes from the DD-WRT’s IP address.

Of course the above is assuming that the router is configured with address in the LAN and the WAN address of the inverter is

Now my connection to the inverter is working perfectly fine from my linux host which is collecting inverter data via hard:

Leave a Reply

Your email address will not be published. Required fields are marked *