Port Forwarding Not Working

rgratto2

2[H]4U
Joined
Jul 22, 2005
Messages
2,319
Hi. I had an old linksys router running DDWRT. I bought a new Asus RT-N16 and finally set it up. I had to just duplicate the settings by hand as you cannot back them up across different hardware models even though both are running DDWRT.

I hooked up the new router and everything was working great, until I decided to check one of my port forwards. Turns out its not working, I can't connect through my DynDNS assigned dns name. Assuming I configured something wrong, I compared the settings of the two routers. Nothing interesting, it is set up right.

From there I decided to just hook the old router up, assuming I overlooked something. So I mess around with all the cables, and then, to my surprise, IT STILL DIDN'T WORK.

A few points of interest:
  • My Static IPS are set up right. My server has the proper IP
  • My home IP did not change. DynDns has the right IP.
  • I rebooted all the network equipment and server... just for the hell of it.
  • I tried changing a port forward to point to my main PC and that failed too.

Any ideas? This is starting to drive me nuts.
 
OK well I've found out a little more about the problem. I have my links set up as my DNS name, but I CAN connect to them properly when i use the IP. If i ping the DNS, I get my home IP address though. Still confused.
 
Log into your dyndns account, and see if the router has updated and has the same ip address as what is on line & is on your router.

It's happend to me :)
 
Ow.

The DynDNS name is the external IP and the internal IP are obviously different.

If you are inside the network and try to connect to the DynDNS name, it will not work unless you configure the router to make it work.

Under Security Tab, Firewall Tab, Filter WAN NAT Redirection (if it's on, turn it off; if it's off, turn it on)
 
Ow.

The DynDNS name is the external IP and the internal IP are obviously different.

If you are inside the network and try to connect to the DynDNS name, it will not work unless you configure the router to make it work.

Under Security Tab, Firewall Tab, Filter WAN NAT Redirection (if it's on, turn it off; if it's off, turn it on)

Thanks for the post. The firewall is actually off entirely though, so this setting is grayed out entirely. This worked fine on the old router, and I did manage to get it working finally on the new one by running this script:

Code:
LAN=`nvram get lan_ipaddr`/`nvram get lan_netmask`
iptables -t nat -I POSTROUTING -o br0 -s $LAN -d $LAN -j MASQUERADE

I admittedly have no idea what that does. Found it on the forums here.
 
1) which port are you forwarding?
2) How are you testing that it isn't forwarding correctly, from inside your internal network? or from outside if its from outside what source? friend's house? school network? your company network? Lots of networks block certain traffic, for example: my company and local school do not let any SSH port 21 traffic through whatsoever.
3) How have you confirmed that your dyndns address is pointing to the correct IP? Ping and whatsmyip.com? or checked router status?
4) can you connect directly to the server from inside your own network by using it's private ip directly? Basically, is the server actually working?
OK well I've found out a little more about the problem. I have my links set up as my DNS name, but I CAN connect to them properly when i use the IP. If i ping the DNS, I get my home IP address though. Still confused
What do you mean your links setup as your dns name? You have some page with a link that goes to your DYNDNS account which should redirect to your IP, and that doesn't work, but using your outside IP directly works fine? If that is the case, again, how are you confirming the ip's from dyndns match your side of things?
 
1) which port are you forwarding?
2) How are you testing that it isn't forwarding correctly, from inside your internal network? or from outside if its from outside what source? friend's house? school network? your company network? Lots of networks block certain traffic, for example: my company and local school do not let any SSH port 21 traffic through whatsoever.
3) How have you confirmed that your dyndns address is pointing to the correct IP? Ping and whatsmyip.com? or checked router status?
4) can you connect directly to the server from inside your own network by using it's private ip directly? Basically, is the server actually working?
What do you mean your links setup as your dns name? You have some page with a link that goes to your DYNDNS account which should redirect to your IP, and that doesn't work, but using your outside IP directly works fine? If that is the case, again, how are you confirming the ip's from dyndns match your side of things?

It's pretty much what I just said he should do, check the dyndns account by logging into it and see what ip it has, then go go whatismyip.com and see if its the same one, if it's not then he needs to update it.
 
Thanks for the post. The firewall is actually off entirely though, so this setting is grayed out entirely. This worked fine on the old router, and I did manage to get it working finally on the new one by running this script:

Code:
LAN=`nvram get lan_ipaddr`/`nvram get lan_netmask`
iptables -t nat -I POSTROUTING -o br0 -s $LAN -d $LAN -j MASQUERADE

I admittedly have no idea what that does. Found it on the forums here.

It does exactly the same thing :)
 
1) which port are you forwarding?
2) How are you testing that it isn't forwarding correctly, from inside your internal network? or from outside if its from outside what source? friend's house? school network? your company network? Lots of networks block certain traffic, for example: my company and local school do not let any SSH port 21 traffic through whatsoever.
3) How have you confirmed that your dyndns address is pointing to the correct IP? Ping and whatsmyip.com? or checked router status?
4) can you connect directly to the server from inside your own network by using it's private ip directly? Basically, is the server actually working?
What do you mean your links setup as your dns name? You have some page with a link that goes to your DYNDNS account which should redirect to your IP, and that doesn't work, but using your outside IP directly works fine? If that is the case, again, how are you confirming the ip's from dyndns match your side of things?

  1. A couple different ports, 80 is one of them.
  2. Well the plot thickens. Like i mentioned in my previous post, I got it working after running that script. I was unable to access the server by host name being on the internal network, but outsiders were able to access it. So it was just not working internally. I at first assumed it wasnt working externally either but I was wrong in that assumption.
  3. Yes, the DNS is up to date. External users can connect as well.
  4. I think I've already covered this but before I ran that script, I was only able to access it by using the internal IP address, not my home's IP.
 
  1. A couple different ports, 80 is one of them.
  2. Well the plot thickens. Like i mentioned in my previous post, I got it working after running that script. I was unable to access the server by host name being on the internal network, but outsiders were able to access it. So it was just not working internally. I at first assumed it wasnt working externally either but I was wrong in that assumption.
  3. Yes, the DNS is up to date. External users can connect as well.
  4. I think I've already covered this but before I ran that script, I was only able to access it by using the internal IP address, not my home's IP.
oh, so it's all fixed? Except im not familiar with that command, and i'm not sure turning off your firewall (if thats what that command does) is smart. Good luck.
 
oh, so it's all fixed? Except im not familiar with that command, and i'm not sure turning off your firewall (if thats what that command does) is smart. Good luck.

Well the firewall was never on. Maybe this is a really dumb question but.... do i really need to have the firewall turned on for the router when every computer ont he network has its own firewall anyways? The network is secured with a password of course.
 
Back
Top