Port forwarding for SSH not working on WRT54G2
Hi,
I have forwarded a few ports, but can't get port 22 for SSH to work. I can SSH from within LAN, so that works. And I can access FTP from outside the LAN, when I forwarded that port. But to the same computer where I can access FTP I can't access SSH...
Would be grateful for assistance. Btw, I'm using dynamic IP (through DynDNS, but not using the DynDNS tool in the Linksys interface). I've tried with both the dynDNS domain and the IP address. And I have set a fixed IP address on the server I try to access.
Thanks,
Daniel
Make sure that if you are forwarding the port nos for SSH on WRT54G2 you need to forward it for the assinged static ip address & it should work great..just try it once.
Similar Messages
-
X11 Forwarding with SSH not working [SOLVED]
I'm trying to follow the X11 forwarding guide on the wiki but to no avail.
I'm using Putty and Xming from a Windows machine to SSH into the ArchLinux machine over my home network.
When I log in through SSH with X11 forwarding enabled, my display variable is set to "localhost:10.0". Running xclock gives me the following error: "Error: Can't open display: localhost:10.0".
I'm pretty sure Xming isn't the problem, since if I manually change the DISPLAY variable to "[my windows machine IP]:0.0", I can run xclock and see it appear.
From what I can see, it should be working.
Complete sshd_config below:
# $OpenBSD: sshd_config,v 1.87 2012/07/10 02:19:15 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# The default requires explicit activation of protocol 1
#Protocol 2
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedPrincipalsFile none
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
#AllowAgentForwarding yes
AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation sandbox # Default for new installations.
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /run/sshd.pid
#MaxStartups 10
PermitTunnel yes
#ChrootDirectory none
#VersionAddendum none
# no default banner path
Banner /etc/issue
# override default of no subsystems
Subsystem sftp /usr/lib/ssh/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server
Last edited by gixr (2013-01-11 22:37:35)It's easy.
Start Xming.
Configure SSH (here's my confg):
# $OpenBSD: sshd_config,v 1.84 2011/05/23 03:30:07 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# The default requires explicit activation of protocol 1
#Protocol 2
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
#AllowAgentForwarding yes
AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none
# no default banner path
#Banner none
# override default of no subsystems
Subsystem sftp /usr/lib/ssh/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server
Putty setting: http://i.ztjuh.tk/20130111075624803.png
Click on Open and run your program
Last edited by Ztjuh (2013-01-11 08:01:00) -
X forwarding via ssh not working
hi!
since i've updated to leopard, i have no longer been able to forward X sessions via ssh (ssh -Y $username@$remotehost)
i can login into the remote host, but X forwarding simply doesn't work, i.e. the app never opens. i've tried with vlc mainly.
also i've noticed that if i try starting an app like xclock locally, it doesn't show up.
here's the content of DISPLAY locally
Macintosh:~ asymmetric$ echo $DISPLAY
/tmp/launch-35MU2b/:0
while on the remote machine it's something along the lines of
localhost:12.0
i haven't updated to the "unofficial" xquartz releases, so the openssh version here is OpenSSH_4.7p1, OpenSSL 0.9.7l 28 Sep 2006
any ideas?
thanks
asyi forgot to mention it, but i'm trying to connect to a GNU/Linux box. Don't know if it's the same for you.
I do have a Linux system at the other end of my ssh -Y connection (RHEL4).
From the RedHat system I see the following information:
% printenv | grep -i ssh
SSH_CLIENT=::ffff:xxx.xxx.xxx.xxx 60264 22
SSH_TTY=/dev/pts/13
SSH_ASKPASS=/usr/libexec/openssh/gnome-ssh-askpass
SSH_CONNECTION=::ffff:xxx.xxx.xxx.xxx 60264 ::ffff:yyy.yyy.yyy.yyy 2
% grep X11Forwarding /etc/ssh/sshd_config
X11Forwarding yes
% echo $DISPLAY
localhost:15.0
The following is the Mac OS X info:
% echo $DISPLAY
/tmp/launch-MoVGGO/:0
% grep X11Forwarding /etc/ssh/sshd_config
X11Forwarding yes
% ssh -Y remote.system.address
Make sure you are not setting your own $DISPLAY environment variable.
Do you have a $HOME/.xinitrc ?? If so, how much does it differ from
/usr/X11/lib/X11/xinit/xinitrc -
Port Forwarding / Mapping is not working !?
I've tried everything, searched on Google and nothing seems to work !
First of all, let me explain my problem. I have a Time Capsule connected to my Modem. From my Time Capsule I have a Airport Extreme connected by ethernet on my second floor. So what I want to do is to open the ports 6112 to 6118 on my iMac which is connected by ethernet to my Airport Extreme.
*These are my setting on my Airport Extreme:*
Connexion via Ethernet in bridge mode.
IPv4: via DHCP
*These are my setting for my iMac's network:*
IPv4: DHCP with a manuel ip adress set to 10.0.1.201
*These are my settings on my Time Capsule:*
Connexion via Ethernet and sharing a public Ip adress.
IPv4: Via DHCP
First DHCP Adress : 10.0.1.2
Last DHCP Adress: 10.0.1.200
NAT-PMP Activated
*I also opened the ports in the port mapping section, these are my settings:*
Service: I didn't choose a service
UDP Ports public: 6112-6119
TCP Ports Public: 6112-6119
Private Ip adress: 10.0.1.201
UDP Ports private: 6112-6119
TCP Ports Private: 6112-6119
Now, when I go on the website: http://www.whatsmyip.org/ports/
and do a port test, it says it is closed, there must be something i am doing wrong...
Now if you are wondering why I have set my iMacs IP Address to 10.0.1.201, it is because on all the website I searched an answer they were telling my to put my iP address bigger than the First-Last DHCP Range of my Time Capsule which ends at 10.0.1.200, so I've put 10.0.1.200. I have also tried with other ranges and another ip address within the range and everything, but nothing has worked.
I really hope someone will/can help me,
Thank You very much for your help, and also sorry for my English as I am not very good at it because it isn't my primary language.
Thank you for your comprehension.This is just a guess, but if you still have that AirPort Extreme, you might plug it in long enough to have AirPort Utility do a File >Export Configuration File, then reconnect the Time Capsule and do a File > Import Configuration File. Once that's done you may have to do a little adjustment to account for the disk drive.
-
E3200 Port forwarding doe's not work
I have Linksys E3200 and do forwarding as described Here, but it act like it does not check forwarding rules, no forwarding happens, I'm trying to open RDP(3389) port, from local network I can connect normally. routers firmware version is Ver.1.0.05, I have protocol analizer on pc where i'm trieing to forward packet, the packets don't reach PC on 192.168.0.254
Internet Service Provider and Modem Configurations
What ISP Service do you have? Cable or DSL?
What ISP Modem Mfr. and model # do you have? -
Port forwarding, NAT, SSH and Transmission.
A couple of days ago I decided to setup the Transmission daemon, along with automatization for my downloads. Recently, however, to put a layer of security around my laptop, I set up a wireless router I had lying around that is now connected with a wire to my laptop. The reason for this is that I have no idea how iptables work yet, and until then I decided this will suffice for the moment. One of the problems though (yes, problems seems to come in twenty-fold where my luck is concerned), is that when I rewire my laptop directly to the internet, without the router, NetworkManager or Archlinux doesn't reset the ip address, which for some reason jumps to 192.168.1.122, which it never uses otherwise. I haven't yet tried reinstalling networkmanager, but when I did turn it off, dhcpdcd assigned the same address... The problem here being that it shouldn't assign a LAN-address, I'm directly connected to the internet. Sidenote here though; my internet connection is just a plug in the wall, the operators here (I live on a kind of campus), probably only use a network-switch to relay the traffic to the socket.
That's that, my wired network doesn't work directly, only via the wireless router, wired or wireless. Because of this, I have to use port-forwarding for SSH (to test if the port forwarding works), and the Transmission daemon with an rcmp port of 9091., which was my intention in the first place. I have no idea if logging into my.ip.address.here:9091 in a browser would work, I just used localhost:9091.
Now for the results:
$ nmap -sT xx.xxx.xx.xx
Starting Nmap 5.21 ( http://nmap.org ) at 2010-06-14 19:42 CEST
Nmap scan report for xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Host is up (0.038s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp filtered ssh
53/tcp open domain
80/tcp open http
9091/tcp filtered unknown
Here it shows that the ports are actually not closed, but they're not exactly opened either, from what I gathered from the internet.
SSH shows the true problem:
$ ssh neal@xxxxxxxx
ssh: connect to host xxxxxxxx port 22: Connection timed out
SSH-ing to 192.168.0.102 (my internal ip) works, as does to localhost, same for Transmission webGUI. Before I used port-forwarding ssh would correctly say that it couldn't get traffic from the router.
My router is a cheap solution to another problem I had, but it should work like any router. It's a Sitecom WL-607. I disabled login authentication for the moment. Also, there is no filtering going on in the firewall. Like I said earlier, I don't get iptables, so that's not being used. The hosts file allows all and denies nothing.
TLDR version; I'm using port-forwarding on my Sitecom WL-607, but all ports except http and the 53 port are being blocked.
Is there something I'm missing here?
Thanks in advance,
Neal van Veen.by default, all routers assign there clients an ip address from there internal pool of addresses, your wireless router is assigning you that address and then NAT's the connection with the WAN side, but even after directly plugging in to the wall socket you still dont get a new ip address, use dhcpcd <mydev> in terminal to reresh dhcp lease. if not then your campus/location/etc may also be using NAT on there own side.
as for the ports, iptables doesnt block any traffic by default, it allows everything. if there is filtering, it is from your wireless router.
on the above ssh and nmap scans, did u use your lan ip, or your public ip. -
I am on a Windows 7 Ultimate PC and right now there is no Airport utility for setting up the new Apple Extreme so you have to do it on your iPad or iPhone. Does anyone know how to set up port forwarding for HTTP to get to DVR security cameras? There is nothing in the list that indicates HTTP port forwarding.
Thanks for your reply Tesserax as I did figure this out on my own. It took a bit because all of the options are not clear what they are for like the previous Airport Extreme and Apple does not support or guarantee that port forwarding will work for you application nor did any of the Apple support persons I spoke too have any knowledge for this feature. You also have to fill in the public if you are viewing through someone else's Wi-Fi or on your cell phone carrier network. This new Airport Extreme is a bit different since you cannot use the Airport utility on a PC like the older model and if anyone else is reading this they should be aware that if you do not have an Apple computer, iPhone or iPad and I'm not sure if some of the other network enabled devices like iPod Touch that you must use that can do it, there is no Airport utility for the PC and you would be wasting your money or have to take it back and get another brand wireless router to use if you do not own any of the above mentioned Apple products.
-
[Solved] SSH not working (ISP blocks my port 22)
OK full story:
I want to be able to connect to my home arch linux box from school. The setup there are winxp machines whit putty on my usb or the pc itself. I know that my school is not blocking any ports as my friend can connect to his linux box at home. (also ssh)
These are things i did and can think of i need to to do get ssh working:
Before everything else i started to configure my Linsys router.
My ISP gives me an Dynamic IP so i need to use the dyndns.org service. I made an account and configured my linsys router DDNS tab to work with the account. I got into the port forward tab an putted in ssh port forwarding (on port 22 TCP for my ip 192.168.1.102 => did ifconfig to be sure). Port forwarding for port 9091 is also on for my transmission webgui i'm saying this here because this works when i'm at school.
1. Installed openssh
# pacman -S openssh
All installed fine.
2. I've put the sshd into the daemon part of my rc.conf file.
DAEMONS=(syslog-ng network netfs crond @alsa @g15daemon @samba @sshd dbus hal)
3. Hosts.allow file =
# /etc/hosts.allow
SSHD: ALL
# End of file
4. Hosts.deny =
# /etc/hosts.deny
ALL: ALL: DENY
# End of file
5. sshd_config file =
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
#Port 22
#AddressFamily any
ListenAddress 0.0.0.0
#ListenAddress ::
# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
Protocol 2
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
LoginGraceTime 120
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none
# no default banner path
Banner /etc/issue
# override default of no subsystems
Subsystem sftp /usr/lib/ssh/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server
6. ssh_config file=
# $OpenBSD: ssh_config,v 1.25 2009/02/17 01:28:32 djm Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
Host *
# ForwardAgent no
# ForwardX11 no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2
# Cipher 3des
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,[email protected],hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
HashKnownHosts yes
StrictHostKeyChecking ask
7. Im sure SSH is running i even did => /etc/rc.d/sshd restart
8. I have never installed any firewall on my arch box (that i know off). I can connect to it using my other linux laptop
ssh -p 22 192.168.1.102 => works
ssh -p 22 xxxxxx.dyndns.org => works (xxx replaced by my dyndns.org domain)
ssh -p 22 9x.xxx.xxx.xx5 => works (xxx is my normal WAN ip offcourse)
Keep in mind that transsmission port forwarding is working fine. I can connect from everywhere to my webgui wich is on port 9091. Anyone can help me get whats wrong?
Last edited by Redostrike (2010-02-25 17:06:14)Wild guess but:
# /etc/hosts.allow
SSHD: ALL
# End of file
I don't know if this is case-sensitive, but if it is: it should be "sshd".
If it doesn't work, doesnt hurt to try. -
Not enough port fields in port forwarding for Linksys E4200
I have always used netgear routers in the past. After a series of issues regarding configurations not working correctly I invested in what appeared to be a semi pro router, the cisco linksys e4200.
I have a centralized server which I use to access a mass of different services such as mail, dns, VPN, FTP, Kerberos, http and many more. While I am not a massive networking nerd, this server setup is like my garage project. To access these services externally to my LAN as far as I understand I would need to configure port forwarding for each service to my server. Unfortunately the control panel for the linksys E4200 only offers about 15 custom port fields for forwarding, and some documentation I have read shows that with it's basic install my server could be using up to 60 ports at once.
Is this router just not suitable for this sort of network. If so I will be very disappointed because I have spent a quarter of the price on netgear routers with more control than this.
If anybody could assist with details and options I would greatly appreciate itWrong forum, use "small business routers".
-
Port Forwarding for L2TP/IPSec VPN Behind Verizon Actiontec MI424WR-GEN2 Rev. E v20.21.0.2
I've got a NAS setup with various services running on custom ports to help minimize exposure (especially to script kiddies). I've tested everything both internally and externally to confirm they all work, and even had someone at a remote location confirm accessibility as well. Port forward configurations performed on the Actiontec are working well.
I installed an L2TP/IPSec VPN server, tested internally and it connected successfully. So for all intents & purposes, this validates that the VPN server is correctly configured to accept inbound connections and functioning correctly.
I logged into the Verizon Actiontec MI424WR router, setup port forwarding for UDP ports 500, 1701 & 4500.
Note: I added the AH & ESP protocols based on what I saw on the built-in L2TP/IPSec rules
With the port forwarding in place, I tested VPN externally but it didn't connect.
I've done the following so far to no avail:
Double & triple checked the port forwards, deleted & recreated the rules a few times to be sure
There are no other pre-existing L2RP/IPSec port forward rules or otherwise conflicting port forward rules (e.g.: another rule for ports 500, 1701 or 4500)
There was an L2TP port triggering rule enabled, that I toggled on and off with no change
Verified the firewall on VPN server had an exclusion for L2TP, or that the firewall is off. (Firewall is off to reduce a layer of complexity, but it worked internally to begin with so I doubt that's the issue.)
Since it works internally, and there are no entries in the logs on the device indicating inbound connections, I'm convinced its an issue with the Verizon Actiontec router. But unfortunately, I'm not sure what else to try or where else to look to troubleshoot this. For instance, is there a log on the router that I can view in real time (e.g.: tail) that would show me whether or not the inbound connection attempt is reaching the device, and whether or not the device allowed or blocked it?
My router details:
Verizon Actiontec
MI424WR-GEN2
Revision E
Firmware 20.21.0.2
Verizon Actiontec built-in L2TP/IPSec rule templates. They're not currently in use, but are baked into the firmware for easy configuration/selection from a drop down menu.
Solved!
Go to Solution.normally a vpn on that router, will have a GRE tunneling protocol as well.
two ways to build the PF rules,
Manually
Preconfigured
I know the preconfigured VPN rules will do the GRE protocol as well, but if you do it by hand you can't get it. -
TS2972 How do you port forward for Home Sharing ?
I want to home share with my apple tv and it's not working, so i think i need to port forward for home sharing on my apple tv. But i dont know how to port forward :S
I use an application called port map. http://www.codingmonkeys.de/portmap/ Make sure you download the landlubbers version. When you open it add a port called minecraft with the port 25565
-
Homehub 5 port forwarding for Windows Homeserver 2...
Hi
Has anybody any solutions on setting up the HH5 for Windows Homeserver 2011
I've inputted all the rules manually as WHS couldn't complete the task, to find ports 80, 443, 4125 remain closed after manual input.
WHS reply's with UPnP not working / router not working.
BT customer services quite appalling and I'm not paying for Tech Support as the package is only 6 months old and I feel I shouldn't have to pay for a product that isn't working correctly, if it was over 12 months I understand I should pay.
I've manually inputted and setup port forwarding for my Iphone app and Android and they've finally started working.
Cheers
Solved!
Go to Solution.Can you just put WHS in the DMZ on the HH5?
If you found this post helpful, please click on the star on the left
If not, I'll try again -
Help with port forwarding for the WRT54G
I need assistance please!
I am having issues trying to setup port forwarding for a ftp. I already have set this up for a SQL Server port and it works remotely. When I setup another rule for ftp using port range 20-21 it does not work.
I have confirmed that I have saved my settings, have the correct IP address, etc. I have firmware version 4.21.1 and not sure how to troubleshoot this. Any help would be great.
Thanks,
JohnYes you do need to have the port already forwarded for port 20~21 with both TCP/IP and UDP enabled unless you know for sure your ftp only uses just one of them. That is why I asked what port your SGL was set to. Follow the link that other guy posted and open port 20 and 21 (I only use 21 with no problems) and make sure it is directed to the IP of the ftp host. Also that PC needs to have the FTP enabled in windows. To do that go to your control panel > add/remove software > and on the left side go to add/remove windows components. Then check the box for the ftp and add it. It should ask for your windows CD do have it handy when you add the ftp component to your PC.
Richard Aichner (Ikester) -
My USB port on my Macbook Pro stopped working and i tried the SMC reset and the one closest to the SD port still continues to not work. Is there anything i can do besides bringing it in?
I would do another SMC reset. If nothing changes you should take the computer in to an Apple store for a free diagnostic. You should make an appointment.
http://www.apple.com/retail/geniusbar/ -
How do you set up Port Forwarding for ARD 2.2 in AEB N?
Help,
I'm a novice at Apple Remote Desktop (ARD) - not an IT guy, so it has to be pretty basic and detailed.
How do you set up Port Forwarding for ARD 2.2 on the Apple Airport Extreme BS router, 802.11 N. I have one at each end of the internet connection. At one end I have an Airport Extreme N router with 2 macs and eventually 1 windows XP machine (if I can) that I would like to be able to connect to over the interenet (the clients) and at the other end, I have a Mac with ARD 2.2 installed also with an Airport Extreme N router. Note: Both routers use Static IP addresses and all computers use static IP's internally not through DHCP. What are the settings or directions to do this.
I have read and printed out the directions for Configuration of ARD 3.0 that are posted many times in the ARD discusion group, but it uses a Linksys router ( http://www.starkpr.com/ard.htm posted by Dave Sawyer). The Mac router is different, particularly with the place to set a Private IP address. I'm not sure about alot of things, but especially about the Private IP address, what number do I set it to, the one that is in my Network connections list? It automatically changes to a different number in AE N setup for Port Forwarding (by one) as if it is not suppose to the same?????
Are there any directions available that are as straight forward for the Airport Extreme N router, as the one's that are listed here for the Linksys Router's? ( http://www.starkpr.com/ard.htm )
Any and All help will be greatly appreciated.
P.S. I know I should have 3.0 but bought 2.2 just weeks before 3.0 came out and they would not give me an upgrade price, so I'm waiting for 4.0 to upgrade.
Thanks,
JimTry the following for each AirPort Extreme ...
AEBSn - Port Mapping Setup
To setup port mapping on an 802.11n AirPort Extreme Base Station (AEBSn), either connect to the AEBSn's wireless network or temporarily connect directly, using an Ethernet cable, to one of the LAN port of the AEBSn, and then use the AirPort Utility, in Manual Setup, to make these settings:
1. Reserve a DHCP-provided IP address for the host device.
Internet > DHCP tab
o On the DHCP tab, click the "+" (Add) button to enter DHCP Reservations.
o Description: <enter the desired description of the host device>
o Reserve address by: MAC Address
o Click Continue.
o MAC Address: <enter the MAC (what Apple calls Ethernet ID if you are using wired or AirPort ID if wireless) hardware address of the host computer>
o IPv4 Address: <enter the desired IP address>
o Click Done.
2. Setup Port Mapping on the AEBSn.
Advanced > Port Mapping tab
o Click the "+" (Add) button
o Service: <choose the appropriate service from the Service pop-up menu>
o Public UDP Port(s): 3283
o Public TCP Port(s): 3283
o Private IP Address: <enter the IP address of the host server>
o Private UDP Port(s): 3283
o Private TCP Port(s): 3283
o Click "Continue"
o Click the "+" (Add) button
o Service: <choose the appropriate service from the Service pop-up menu>
o Public UDP Port(s):
o Public TCP Port(s): 5900
o Private IP Address: <enter the IP address of the host server>
o Private UDP Port(s):
o Private TCP Port(s): 5900
o Click "Continue"
o Click the "+" (Add) button
o Service: <choose the appropriate service from the Service pop-up menu>
o Public UDP Port(s):
o Public TCP Port(s): 5988
o Private IP Address: <enter the IP address of the host server>
o Private UDP Port(s):
o Private TCP Port(s): 5988
o Click "Continue"
(ref: "Well Known" TCP and UDP ports used by Apple software products)
Maybe you are looking for
-
Using office professional plus 2013 with Ipad
is it possible for us to use office profession plus 20123 wth Ipad?
-
How do I navigate to the Adobe screen shot settings/preferences?
I know how to take a screen shot... there is a way that you can change the preferences on the actual image that you "snap shot" like reduce the DPI etc
-
Function module for adding number of months to the date
Hi, Is there any function module to get the date by adding number of months... Regards, Yadagiri
-
I did a wedding edit in FCP x 10.1.1, everything was going well until a black out happened. Now every time I try to open it, it just says Loading "Wedding" event. Please anyone..HELP!
-
Trying to upgrade from Win 8 to Win 8 Pro, missing "add features"
Hello, I bought a new laptop that has Win 8 preinstalled on it. I can't figure out how to tell what edition, I think it's Home something or other. I've tried following the directions at: http://windows.microsoft.com/en-US/windows-8/feature-packs Whe