HELP!! ASA 5505 8.4(5) problem with port forwarding - SMTP

Hi, I am having a big problem with port forwarding on my ASA. I am trying to forward SMTP through the ASA to my mail server.
My mail server IP is 10.0.0.2 and my outside interface is 80.80.80.80; the ASA is set up with PPPoE (I get internet access no problem and that seems fine).
When I run a trace I get "(ACL-Drop) - flow is denied by configured rule".
Below is my config file; any help would be appreciated.
Result of the command: "show running-config"
: Saved
ASA Version 8.4(5)
hostname ciscoasa
domain-name domain.local
enable password mXa5sNUu4rCZ.t5y encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 10.0.0.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
pppoe client vpdn group ISPDsl
ip address 80.80.80.80 255.255.255.255 pppoe setroute
ftp mode passive
dns server-group DefaultDNS
domain-name domain.local
same-security-traffic permit intra-interface
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network Server_SMTP
host 10.0.0.2
access-list outside_access_in extended permit tcp any object server_SMTP eq smtp
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
object network obj_any
nat (inside,outside) dynamic interface
object network server_SMTP
nat (inside,outside) static interface service tcp smtp smtp
nat (inside,outside) after-auto source dynamic any interface
access-group outside_access_in in interface outside
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
http server enable
http 10.0.0.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
telnet timeout 5
ssh timeout 5
ssh key-exchange group dh-group1-sha1
console timeout 0
vpdn group ISP request dialout pppoe
vpdn group ISP localname [email protected]
vpdn group ISP ppp authentication chap
vpdn username [email protected] password *****
dhcpd auto_config outside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect sqlnet
  inspect skinny 
  inspect sunrpc
  inspect xdmcp
  inspect sip 
  inspect netbios
  inspect tftp
  inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:c5570d7ddffd46c528a76e515e65f366
: end
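Two spelling mismatches are visible in the config above: the access-list and the NAT block name the object as server_SMTP while it is defined as Server_SMTP, and the outside interface points at vpdn group ISPDsl while the only group configured is ISP (both are consistent in the second config below). The Python script that follows is an added example, not code from the thread or from Cisco; it parses a running-config pasted as plain text and reports references whose spelling does not match any definition, using a constructed sample that mirrors the first config's shape.

```python
"""Cross-reference check for an ASA 8.4-style running-config.

Added example; not code from the thread or from Cisco. It reports
names that are referenced but not defined with the same spelling:
  * objects named in access-list lines and object-NAT blocks, versus
    the 'object network' blocks that carry a host/subnet/range/fqdn
  * the group under 'pppoe client vpdn group', versus 'vpdn group'
A case-only difference is reported separately from a missing name.
"""
import re

OBJ_HEADER = re.compile(r"^object network (\S+)$")
OBJ_BODY = re.compile(r"^(host|subnet|range|fqdn)\b")
OBJ_REF = re.compile(r"\bobject (\S+)")
PPPOE_GROUP = re.compile(r"^pppoe client vpdn group (\S+)$")
VPDN_GROUP = re.compile(r"^vpdn group (\S+) ")

# Constructed sample mirroring the shape of the first config in the
# thread (indentation stripped, as in the post); not the real file.
SAMPLE_CONFIG = """\
interface Vlan2
pppoe client vpdn group ISPDsl
ip address 80.80.80.80 255.255.255.255 pppoe setroute
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network Server_SMTP
host 10.0.0.2
access-list outside_access_in extended permit tcp any object server_SMTP eq smtp
object network obj_any
nat (inside,outside) dynamic interface
object network server_SMTP
nat (inside,outside) static interface service tcp smtp smtp
nat (inside,outside) after-auto source dynamic any interface
vpdn group ISP request dialout pppoe
vpdn group ISP ppp authentication chap
"""


def parse_config(text):
    """Return (defined_objects, object_refs, pppoe_groups, vpdn_groups).

    object_refs holds (line_number, kind, name) with kind 'acl' or 'nat';
    names are kept exactly as written so case differences survive.
    """
    defined, refs, pppoe, vpdn = set(), [], [], set()
    current = None  # 'object network' block we are inside, if any
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        m = OBJ_HEADER.match(line)
        if m:
            current = m.group(1)
            continue
        if current is not None and OBJ_BODY.match(line):
            defined.add(current)  # carries an address: a definition
            continue
        # Object NAT sits inside the block; twice NAT ('... source ...')
        # is a top-level command and must not be credited to the object.
        if current is not None and line.startswith("nat ") and " source " not in line:
            refs.append((lineno, "nat", current))
            continue
        current = None  # any other command ends the object block
        if line.startswith("access-list "):
            refs.extend((lineno, "acl", n) for n in OBJ_REF.findall(line))
            continue
        m = PPPOE_GROUP.match(line)
        if m:
            pppoe.append((lineno, m.group(1)))
            continue
        m = VPDN_GROUP.match(line)
        if m:
            vpdn.add(m.group(1))
    return defined, refs, pppoe, vpdn


def check(text):
    """Return findings as (line_number, message), sorted by line."""
    defined, refs, pppoe, vpdn = parse_config(text)
    by_lower = {name.lower(): name for name in defined}
    findings = []
    for lineno, kind, name in refs:
        if name in defined:
            continue
        if name.lower() in by_lower:
            findings.append((lineno, f"{kind} references object '{name}' but it is defined as '{by_lower[name.lower()]}'"))
        else:
            findings.append((lineno, f"{kind} references object '{name}', which is never defined"))
    for lineno, group in pppoe:
        if group not in vpdn:
            findings.append((lineno, f"pppoe client uses vpdn group '{group}' but configured groups are {sorted(vpdn)}"))
    return sorted(findings)
```

Whether the ASA treats a case-only difference as a different object is not something the thread establishes; the script only reports that the spellings differ so they can be checked.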

Hi Jennifer,
I have removed that NAT line as suggested but still no joy.
Here is my current config:
Result of the command: "show running-config"
: Saved
ASA Version 8.4(5)
hostname ciscoasa
domain-name domain.local
enable password mXa5sNUu4rCZ.t5y encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 10.0.0.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
pppoe client vpdn group ISP
ip address 80.80.80.80 255.255.255.255 pppoe setroute
ftp mode passive
dns server-group DefaultDNS
domain-name domain.local
same-security-traffic permit intra-interface
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network Server_Mail
host 10.0.0.2
access-list outside_access_in extended permit tcp any object Server_Mail eq smtp
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
object network obj_any
nat (inside,outside) dynamic interface
object network Server_Mail
nat (inside,outside) static interface service tcp smtp smtp
access-group outside_access_in in interface outside
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
http server enable
http 10.0.0.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
telnet timeout 5
ssh timeout 5
ssh key-exchange group dh-group1-sha1
console timeout 0
vpdn group ISP request dialout pppoe
vpdn group ISP localname [email protected]
vpdn group ISP ppp authentication chap
vpdn username [email protected] password *****
dhcpd auto_config outside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny 
  inspect sunrpc
  inspect xdmcp
  inspect sip 
  inspect netbios
  inspect tftp
  inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:f3bd954d1f9499595aab4f9da8c15795
: end
Also, here is the packet trace
and my ACL.
Thanks

Similar Messages

  • Problem with Port Forwarding in WRT320N

    Good day.
    I have a web server and an Internet radio translator on my provider's local network. And I found a problem with Port Forwarding. I'm trying to set up ports 80 & 8000 to forward. And it's working, but only for the Internet, not for the provider's local network. My web server isn't accessible from the local network, and neither is the radio translator.
    So is it possible to forward ports absolutely, for any type of connection?
    P.S. DMZ works like Port Forwarding.

    If you ask questions you have to mention that you have a PPTP connection to the internet and another network directly on the internet port. Otherwise no one will really understand your question, as it is a very unusual setup.
    Your setup is not one really supported by the router. You are lucky that it works, but don't expect too much. Port forwarding only covers the internet connection. If you use PPTP, the network on the internet port is basically hidden. Using that local network on the internet port is not supported.
    The DMZ host is the IP address to which all ports are forwarded that are not forwarded otherwise. The same restriction applies here.
    I would recommend asking your ISP which router they recommend for their internet connection. I think most/all Linksys routers and many other brands' consumer routers won't really support a setup like yours...

  • Problem with Port Forwarding (when PPTP is up) in WRT-160N

    Hi, everybody!
    I'm looking for some help with Port Forwarding on my new router from Linksys. I bought the router a few days ago, and was badly surprised when I found out that DD-WRT firmware was installed in it (the router was 100% NEW when I purchased it). I have downloaded the latest original Linksys firmware file and successfully flashed it.
    But I still have a problem (the same I had on the DD-WRT firmware too) with port forwarding for my DC++ and Vuze (app for torrents): I've written port forwards for ports 49151 (for Vuze) and 4000 (for DC++) to be forwarded to my desktop computer (IP 192.168.1.201). I've seen a post on this forum that there could be a problem if you forward to an IP which is inside the DHCP local zone, so I've forwarded it to the .201 IP (my local DHCP zone is 192.168.1.100 - .149). But forwarding doesn't work ((
    What's wrong?
    My configuration:
    Router IP: 192.168.1.1
    PPTP (I've got it from my ISP)
    IP address: 192.168.226.127
    Default Gateway: 192.168.226.2
    DNS 1: 192.168.1.1
    DNS 2 & 3: 0.0.0.0
    PPTP Server IP Address: 192.168.226.2
    Username: ****
    Password: ****
    Single Port Forwarding:
    Application name   External port   Internal port   Protocol   To IP address   Enabled
    Vuze               49151           49151           Both       192.168.1.201   Checked
    DC                 4000            4000            Both       192.168.1.201   Checked

    As you have mentioned in your post, your ISP has provided you a PPTP connection with an IP address 192.x.x.x. The IP address which is provided to you by your ISP is in a private range, and if you try to forward any ports on your router it will not work, as your ISP modem will block that port. So you need to get a public IP address from your ISP.
    As you are getting a private IP from your ISP, this connection is called NAT behind NAT, and your modem is acting like a router.
    So now you have 2 options: get a public IP address from your ISP or change the connection type.

  • ASA 5505 - 2 Internet Connections, Problems with the Default Route

    Hey there,
    I have a problem at a customer site at the moment. The customer uses an ASA 5505 with two internet connections attached to it. On the first connection (which is the only one in use at the moment) he has some static PATs from outside to inside where he translates different services to the internal servers. He also has a site-to-site VPN terminating there and AnyConnect.
    He now wants to switch the internet traffic from inside to the new internet connection, therefore changing the default route to that new ISP's gateway. The problem now is that no traffic received on the old "outside" interface is transmitted back out of that old "outside" interface. And this happens although the "same-security permit intra-interface" command is set.
    Can you tell me what's wrong here? For every static PAT from outside to inside there is also a dynamic PAT from inside to outside. But the ASA seems to ignore this. I have not looked into the logs yet; I was too busy finding the problem because I had no real time window to test on the production ASA.
    Can it be achieved in any way? Having a default route on the ASA which leads any traffic to the second internet connection while still having connections on the first internet connection where no explicit route can be set, because connections arrive from random IPs?
    Many thanks for your help in advance!
    Steffen

    Phillip, indeed, I have as well read many comments; it all depends on your environment, as they all differ from one another. Your best bet is to have a good solid plan for upgrade and fall back. You do have a justification to upgrade for features needed, so I would suggest the following:
    1- Do a search again in the forum for ASA code upgrades and look at comments from users that have gone through this process, and note their impact in functionality, if any. I believe this is a good resource to collect information.
    2- Very important, look into the release notes for a particular version. For example version 8.0: look into the open CAVEATS, usually at the end of the linked page. Reading the open bugs gives you clues what has not yet been resolved for that particular code and whether it could impact you in your environment; it is possible that a particular bug does not really apply to your environment because you have not yet implemented that particular configuration. Usually we all try to aim towards a GD (General Deployment) code, which is what we all understand is most stable, but that does not necessarily mean you have to be stuck in that code waiting for another GD release. In my personal experience I have upgraded our firewall from 7.2 to 8.0(3) long ago and had no issues, and recently upgraded to 8.0(4) when it was first released in August this year.
    Release notes
    http://www.cisco.com/en/US/products/ps6120/prod_release_notes_list.html
    3- As a good practice precaution:
    a- Backup firewall configs in clear text as well as via TFTP.
    b- Backup the running code and the ASDM version code currently running in the firewall.
    c- Save the output of "show version" to have as reference for all the feature licenses you currently have running as well as activation keys; good info to have to compare with after the upgrade.
    d- Ensure that the code you will be using to upgrade also uses the correct ASDM version code.
    I think with thorough assessment and preparation you can indeed minimize impact.
    Rgds
    Jorge

  • Two Cisco ASA 5505, IPSec Multiple Subnets, Problem with Phase2, DSL

    Hi all.
    we have following IPSec configuration:
    ASA Site 1:
    Cisco Adaptive Security Appliance Software Version 9.1(1)
    crypto ipsec ikev1 transform-set TSAES esp-aes-256 esp-sha-hmac
    crypto ipsec ikev1 transform-set TSMD5 esp-3des esp-md5-hmac
    crypto ipsec ikev2 ipsec-proposal PropAES256
    access-list SITE_2 extended permit ip 172.27.0.0 255.255.0.0 172.27.97.0 255.255.255.0
    access-list SITE_2 extended permit ip 172.28.60.0 255.255.254.0 172.27.97.0 255.255.255.0
    access-list SITE_2 extended permit ip 172.22.0.0 255.255.0.0 172.27.97.0 255.255.255.0
    access-list SITE_2 extended permit ip 172.27.0.0 255.255.0.0 172.27.99.0 255.255.255.0
    access-list SITE_2 extended permit ip 172.22.0.0 255.255.0.0 172.27.99.0 255.255.255.0
    crypto map CMVPN 5 match address SITE_2
    crypto map CMVPN 5 set peer IP_SITE2
    crypto map CMVPN 5 set ikev2 ipsec-proposal PropAES256
    crypto map CMVPN interface OUTSIDE
    route OUTSIDE 172.27.97.0 255.255.255.0 citic-internet-gw 255
    route OUTSIDE 172.27.99.0 255.255.255.0 citic-internet-gw 255
    tunnel-group IP_SITE2 type ipsec-l2l
    tunnel-group IP_SITE2 general-attributes
    default-group-policy VPN_S2S_WAN
    tunnel-group IP_SITE2 ipsec-attributes
    ikev2 remote-authentication pre-shared-key *****
    ikev2 local-authentication pre-shared-key *****
    ASA Site 2:
    Cisco Adaptive Security Appliance Software Version 9.1(4)
    access-list SITE_1 extended permit ip 172.27.97.0 255.255.255.0 172.28.60.0 255.255.254.0
    access-list SITE_1 extended permit ip 172.27.97.0 255.255.255.0 172.27.0.0 255.255.0.0
    access-list SITE_1 extended permit ip 172.27.97.0 255.255.255.0 172.22.0.0 255.255.0.0
    access-list SITE_1 extended permit ip 172.27.99.0 255.255.255.0 172.27.0.0 255.255.0.0
    access-list SITE_1 extended permit ip 172.27.99.0 255.255.255.0 172.22.0.0 255.255.0.0
    crypto map CMVPN 10 match address SITE_1
    crypto map CMVPN 10 match address SITE_1
    crypto map CMVPN 10 set peer IP_SITE1
    crypto map CMVPN 10 set ikev2 ipsec-proposal IKEV2AES
    crypto map CMVPN 10 set reverse-route
    crypto map CMVPN interface OUTSIDE
    tunnel-group IP_SITE1 type ipsec-l2l
    tunnel-group IP_SITE1 general-attributes
    default-group-policy VPN_S2S_WAN
    tunnel-group IP_SITE1 ipsec-attributes
    ikev2 remote-authentication pre-shared-key *****
    ikev2 local-authentication pre-shared-key *****
    We are not able to reach 172.27.99.x IPs from 172.22.20.x.
    It seems that the phase 2 for this subnet is missing... as long as we try to reach any IP in 172.22.20.x from 172.27.99.x.
    We are using a similar configuration on many sites and it works correctly, except on sites with a DSL line.
    We can exclude a problem with NAT, ACL or routing. The connection works fine as long as "we open all phase 2 manually". After the tunnel is re-opened (idle timeout) the problem comes back.
    Thanks in advance for your help.
    Regards.
    Jan
    ASA Site 1# sh vpn-sessiondb detail l2l filter ipaddress ASA Site 2
    Session Type: LAN-to-LAN Detailed
    Connection   : IP ASA Site 2
    Index        : 3058                   IP Addr      : IP ASA Site 2
    Protocol     : IKEv2 IPsec
    Encryption   : IKEv2: (1)AES256  IPsec: (3)AES256
    Hashing      : IKEv2: (1)SHA512  IPsec: (3)SHA1
    Bytes Tx     : 423634                 Bytes Rx     : 450526
    Login Time   : 19:59:35 HKT Tue Apr 29 2014
    Duration     : 1h:50m:45s
    IKEv2 Tunnels: 1
    IPsec Tunnels: 3
    IKEv2:
      Tunnel ID    : 3058.1
      UDP Src Port : 500                    UDP Dst Port : 500
      Rem Auth Mode: preSharedKeys
      Loc Auth Mode: preSharedKeys
      Encryption   : AES256                 Hashing      : SHA512
      Rekey Int (T): 86400 Seconds          Rekey Left(T): 79756 Seconds
      PRF          : SHA512                 D/H Group    : 5
      Filter Name  :
      IPv6 Filter  :
    IPsec:
      Tunnel ID    : 3058.2
      Local Addr   : 172.22.0.0/255.255.0.0/0/0
      Remote Addr  : 172.27.97.0/255.255.255.0/0/0
      Encryption   : AES256                 Hashing      : SHA1
      Encapsulation: Tunnel
      Rekey Int (T): 28800 Seconds          Rekey Left(T): 22156 Seconds
      Rekey Int (D): 4608000 K-Bytes        Rekey Left(D): 4607648 K-Bytes
      Idle Time Out: 25 Minutes             Idle TO Left : 24 Minutes
      Bytes Tx     : 312546                 Bytes Rx     : 361444
      Pkts Tx      : 3745                   Pkts Rx      : 3785
    IPsec:
      Tunnel ID    : 3058.3
      Local Addr   : 172.27.0.0/255.255.0.0/0/0
      Remote Addr  : 172.27.97.0/255.255.255.0/0/0
      Encryption   : AES256                 Hashing      : SHA1
      Encapsulation: Tunnel
      Rekey Int (T): 28800 Seconds          Rekey Left(T): 22165 Seconds
      Rekey Int (D): 4608000 K-Bytes        Rekey Left(D): 4607952 K-Bytes
      Idle Time Out: 25 Minutes             Idle TO Left : 24 Minutes
      Bytes Tx     : 50014                  Bytes Rx     : 44621
      Pkts Tx      : 496                    Pkts Rx      : 503
    IPsec:
      Tunnel ID    : 3058.4
      Local Addr   : 172.27.0.0/255.255.0.0/0/0
      Remote Addr  : 172.27.99.0/255.255.255.0/0/0
      Encryption   : AES256                 Hashing      : SHA1
      Encapsulation: Tunnel
      Rekey Int (T): 28800 Seconds          Rekey Left(T): 22324 Seconds
      Rekey Int (D): 4608000 K-Bytes        Rekey Left(D): 4607941 K-Bytes
      Idle Time Out: 25 Minutes             Idle TO Left : 24 Minutes
      Bytes Tx     : 61074                  Bytes Rx     : 44461
      Pkts Tx      : 402                    Pkts Rx      : 437
    NAC:
      Reval Int (T): 0 Seconds              Reval Left(T): 0 Seconds
      SQ Int (T)   : 0 Seconds              EoU Age(T)   : 6648 Seconds
      Hold Left (T): 0 Seconds              Posture Token:
      Redirect URL :
    .... after a ping from 172.27.99.x to any IP in 172.22.20.x.
    ASA Site 1# sh vpn-sessiondb detail l2l filter ipaddress ASA Site 2
    Session Type: LAN-to-LAN Detailed
    Connection   : IP ASA Site 2
    Index        : 3058                   IP Addr      : IP ASA Site 2
    Protocol     : IKEv2 IPsec
    Encryption   : IKEv2: (1)AES256  IPsec: (4)AES256
    Hashing      : IKEv2: (1)SHA512  IPsec: (4)SHA1
    Bytes Tx     : 784455                 Bytes Rx     : 1808965
    Login Time   : 19:59:35 HKT Tue Apr 29 2014
    Duration     : 2h:10m:48s
    IKEv2 Tunnels: 1
    IPsec Tunnels: 4
    IKEv2:
      Tunnel ID    : 3058.1
      UDP Src Port : 500                    UDP Dst Port : 500
      Rem Auth Mode: preSharedKeys
      Loc Auth Mode: preSharedKeys
      Encryption   : AES256                 Hashing      : SHA512
      Rekey Int (T): 86400 Seconds          Rekey Left(T): 78553 Seconds
      PRF          : SHA512                 D/H Group    : 5
      Filter Name  :
      IPv6 Filter  :
    IPsec:
      Tunnel ID    : 3058.2
      Local Addr   : 172.22.0.0/255.255.0.0/0/0
      Remote Addr  : 172.27.97.0/255.255.255.0/0/0
      Encryption   : AES256                 Hashing      : SHA1
      Encapsulation: Tunnel
      Rekey Int (T): 28800 Seconds          Rekey Left(T): 20953 Seconds
      Rekey Int (D): 4608000 K-Bytes        Rekey Left(D): 4606335 K-Bytes
      Idle Time Out: 25 Minutes             Idle TO Left : 24 Minutes
      Bytes Tx     : 652492                 Bytes Rx     : 1705136
      Pkts Tx      : 7419                   Pkts Rx      : 7611
    IPsec:
      Tunnel ID    : 3058.3
      Local Addr   : 172.27.0.0/255.255.0.0/0/0
      Remote Addr  : 172.27.97.0/255.255.255.0/0/0
      Encryption   : AES256                 Hashing      : SHA1
      Encapsulation: Tunnel
      Rekey Int (T): 28800 Seconds          Rekey Left(T): 20962 Seconds
      Rekey Int (D): 4608000 K-Bytes        Rekey Left(D): 4607942 K-Bytes
      Idle Time Out: 25 Minutes             Idle TO Left : 24 Minutes
      Bytes Tx     : 60128                  Bytes Rx     : 52359
      Pkts Tx      : 587                    Pkts Rx      : 594
    IPsec:
      Tunnel ID    : 3058.4
      Local Addr   : 172.27.0.0/255.255.0.0/0/0
      Remote Addr  : 172.27.99.0/255.255.255.0/0/0
      Encryption   : AES256                 Hashing      : SHA1
      Encapsulation: Tunnel
      Rekey Int (T): 28800 Seconds          Rekey Left(T): 21121 Seconds
      Rekey Int (D): 4608000 K-Bytes        Rekey Left(D): 4607931 K-Bytes
      Idle Time Out: 25 Minutes             Idle TO Left : 24 Minutes
      Bytes Tx     : 70949                  Bytes Rx     : 50684
      Pkts Tx      : 475                    Pkts Rx      : 514
    IPsec:
      Tunnel ID    : 3058.5
      Local Addr   : 172.22.0.0/255.255.0.0/0/0
      Remote Addr  : 172.27.99.0/255.255.255.0/0/0
      Encryption   : AES256                 Hashing      : SHA1
      Encapsulation: Tunnel
      Rekey Int (T): 28800 Seconds          Rekey Left(T): 28767 Seconds
      Rekey Int (D): 4608000 K-Bytes        Rekey Left(D): 4608000 K-Bytes
      Idle Time Out: 25 Minutes             Idle TO Left : 24 Minutes
      Bytes Tx     : 961                    Bytes Rx     : 871
      Pkts Tx      : 17                     Pkts Rx      : 14
    NAC:
      Reval Int (T): 0 Seconds              Reval Left(T): 0 Seconds
      SQ Int (T)   : 0 Seconds              EoU Age(T)   : 7852 Seconds
      Hold Left (T): 0 Seconds              Posture Token:
      Redirect URL :

    Hi,
    on 212 I see
    tunnel-group 195.xxx.xxx.xxx type ipsec-l2l
    tunnel-group 195.xxx.xxx.xxx ipsec-attributes
    pre-shared-key
    When you define the peer with a static tunnel-group entry, the ASA looks for the peer configuration in a static crypto map. If the peer is behind static NAT, configure a proper static crypto map with matching ACL and proposals.
    If the peer is behind dynamic NAT, refer to this example: http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/81883-ipsec-iosrtr-dyn-pix-nat.html
    Regards,
    Abaji.
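The session dumps in Jan's post can be compared mechanically against the SITE_2 crypto ACL. The Python script below is an added example, not code from the thread or from Cisco: it parses the permit-ip entries of the ACL and the Local/Remote Addr lines of the 'show vpn-sessiondb detail l2l' output and lists ACL entries that have no IPsec SA; its inputs are the Site 1 ACL and trimmed copies of the two dumps from the post.

```python
"""Compare a crypto-map ACL with the IPsec SAs in 'show vpn-sessiondb detail
l2l' output and list ACL entries that currently have no phase 2 SA.
Added example; not code from the thread or from Cisco.
"""
import ipaddress
import re

ACL_RE = re.compile(r"^access-list (\S+) extended permit ip (\S+) (\S+) (\S+) (\S+)$")
ADDR_RE = re.compile(r"^(Local|Remote) Addr\s*:\s*([^/\s]+)/([^/\s]+)/\d+/\d+$")

# Site 1 crypto ACL, copied from the post.
SITE1_ACL = """\
access-list SITE_2 extended permit ip 172.27.0.0 255.255.0.0 172.27.97.0 255.255.255.0
access-list SITE_2 extended permit ip 172.28.60.0 255.255.254.0 172.27.97.0 255.255.255.0
access-list SITE_2 extended permit ip 172.22.0.0 255.255.0.0 172.27.97.0 255.255.255.0
access-list SITE_2 extended permit ip 172.27.0.0 255.255.0.0 172.27.99.0 255.255.255.0
access-list SITE_2 extended permit ip 172.22.0.0 255.255.0.0 172.27.99.0 255.255.255.0
"""

# The two session dumps from the post, trimmed to the IPsec address lines.
SESSION_BEFORE = """\
IPsec Tunnels: 3
IPsec:
  Tunnel ID    : 3058.2
  Local Addr   : 172.22.0.0/255.255.0.0/0/0
  Remote Addr  : 172.27.97.0/255.255.255.0/0/0
IPsec:
  Tunnel ID    : 3058.3
  Local Addr   : 172.27.0.0/255.255.0.0/0/0
  Remote Addr  : 172.27.97.0/255.255.255.0/0/0
IPsec:
  Tunnel ID    : 3058.4
  Local Addr   : 172.27.0.0/255.255.0.0/0/0
  Remote Addr  : 172.27.99.0/255.255.255.0/0/0
"""
SESSION_AFTER = SESSION_BEFORE.replace("IPsec Tunnels: 3", "IPsec Tunnels: 4") + """\
IPsec:
  Tunnel ID    : 3058.5
  Local Addr   : 172.22.0.0/255.255.0.0/0/0
  Remote Addr  : 172.27.99.0/255.255.255.0/0/0
"""


def to_cidr(addr, mask):
    """Normalise 'a.b.c.d' plus a dotted mask to CIDR text so pairs compare equal."""
    return str(ipaddress.ip_network(f"{addr}/{mask}"))


def parse_crypto_acl(text, name):
    """(local, remote) CIDR pairs of the permit-ip entries of ACL `name`, in order."""
    pairs = []
    for raw in text.splitlines():
        m = ACL_RE.match(raw.strip())
        if m and m.group(1) == name:
            pairs.append((to_cidr(m.group(2), m.group(3)), to_cidr(m.group(4), m.group(5))))
    return pairs


def parse_session_sas(text):
    """(local, remote) CIDR pairs of each IPsec SA in the session output."""
    sas, local = [], None
    for raw in text.splitlines():
        m = ADDR_RE.match(raw.strip())
        if not m:
            continue
        net = to_cidr(m.group(2), m.group(3))
        if m.group(1) == "Local":
            local = net          # remember until the matching Remote Addr line
        elif local is not None:
            sas.append((local, net))
            local = None
    return sas


def missing_phase2(acl_text, acl_name, session_text):
    """ACL entries, as 'local -> remote', that have no matching IPsec SA."""
    active = set(parse_session_sas(session_text))
    return [f"{loc} -> {rem}" for loc, rem in parse_crypto_acl(acl_text, acl_name)
            if (loc, rem) not in active]


if __name__ == "__main__":
    for label, dump in (("before ping", SESSION_BEFORE), ("after ping", SESSION_AFTER)):
        print(label, missing_phase2(SITE1_ACL, "SITE_2", dump))
```

A phase 2 SA is negotiated on demand, so an entry with no SA is only a fault once traffic for it has been sent and the SA still does not appear. On the dumps above the 172.22.0.0/16 -> 172.27.99.0/24 entry only shows up after the ping from the 172.27.99.x side, which is the behaviour the post describes.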

  • Problems with Port Forwarding for RDP in WebVPN

    Hi,
    I'm hoping somebody can help me solve this problem that's been bugging me for weeks. We recently implemented a double-layer firewall architecture. Before that, our users could access RDP via port forwarding on WebVPN or the Cisco VPN client without any problems.
    After we implemented the double-layer firewall architecture, users who are going through the WebVPN and port forwarding for RDP began to experience frequent disconnections, slowness or freezing connections. The users who are using the client are fine.
    I checked the logs and I'm getting repetitive TCP-O for the port forwarding connections for RDP. Additional information: the FW we installed as a 2nd layer is a Netscreen. I've already set the policy on it to Any-Any for the meantime to help in troubleshooting, but to no avail.
    I hope somebody can help me in sorting this out, as I'm kind of confused about the difference between the port forwarding for RDP via the WebVPN and the normal RDP via the client.

    Hi,
    I didn't see anything marked in red in the above? (At least when I was reading)
    I have not really had to deal with routers at all, since we do all access control and NAT with firewalls.
    But to me it seems you have allowed the traffic to the actual IP address of the internal server rather than the public NAT IP address, which in this case seems to be configured to use your FastEthernet4 interface's public IP address.
    There also seems to be a static NAT configured for the same internal host, so I am wondering why the static PAT (port forward) is used?
    - Jouni

  • Problem with Port Forwarding - Password.

    Hello,
    I have a LINKSYS router, model BEFW11S4 v4 and its firmware is version 1.52.02
    My problem is that I can neither do Port Forwarding nor Port Triggering, because when I make the changes I need and press "Save Changes", it asks me for the username and password again. I enter them again, but this time it does not accept them.
    I have tested it with 2 laptops connected to the router, wired the first time and wireless other times.
    What should I do?
    Thank you in advance.

    Normally, you cannot "see your modem" in your network.  This is because a modem does not have an IP address.  A modem simply converts one signal (ADSL, DSL, or cable) into another signal which is an ethernet signal.
    However, some devices that people call "modems" are actually "modem-routers". In this case your "modem-router" probably does have an IP address. If your system is set up correctly, you can "see" a "modem-router" that has an IP address, but it is not part of your LAN (local area network). It is on another subnet.
    The ethernet port of the modem should be wired to the "Internet" port on the BEFW11S4.  Do not connect the modem to any other port on the router.
    Maybe we need to back up a step or two here.  I have always assumed that you were able to get a properly working wired Internet connection through your BEFW11S4.  Is that correct?
    What is the make and model of your modem?
    Who is your ISP?
    Also, when you set up your router, leave the username blank. Do not try to add a user name. Change the password to something unique. Do not use the default password "admin" (with no quotes).
    Since you are still having problems, please use the following protocol to reset your router to factory defaults: 
    1)  Power down all computers, the router, and the modem, and unplug them from the wall.
    2)  Disconnect all wires from the router.
    3)  Power up the router and allow it to fully boot (1-2 minutes).
    4)  Press and hold the reset button for 30 seconds, then release it, then let the router reset and reboot (2-3 minutes).
    5)  Power down the router.
    6)  Connect one computer by wire to port 1 on the router (NOT to the internet port).
    7)  Power up the router and allow it to fully boot (1-2 minutes).
    8)  Power up the computer (if the computer has a wireless card, make sure it is off).
    9)  Try to ping the router.  To do this, click the "Start" button > All Programs > Accessories > Command Prompt.  A black DOS box will appear.  Enter the following:  "ping 192.168.1.1"  (no quotes), and hit the Enter key.  You will see 3 or 4 lines that start either with "Reply from ... " or "Request timed out."   If you see "Reply from ...", your computer has found your router.
    10)  Open your browser and point it to 192.168.1.1.  This will take you to your router's login page.  Leave the user name blank, and in the password field, enter "admin"  (with no quotes).   This will take you to your router setup page.  Note the version number of your firmware (usually listed near upper right corner of screen).  Exit your browser.
    If you get this far without problems, try the setup disk (or setup the router manually, if you prefer), and see if you can get your router setup and working.
    If you cannot get "Reply from ..." in step 9 above, your router is dead.
    If you get a reply in step 9, but cannot complete step 10, then either your router is dead or the firmware is corrupt.  In this case, use the Linksys tftp.exe program to try to reload your router with the latest firmware.  After reloading the firmware, repeat the above procedure starting with step 1.
    If you have problems, report back the results of steps 9 and 10.  Also, if you get any error messages, copy them exactly and report back.
    Message Edited by toomanydonuts on 04-14-2007 05:19 PM

  • Wrt400n has problems with port forwarding

    I have forwarded port 80 on my router and used a port forwarding tool to check whether the port is open. I select both and it tells me UDP is open, but not TCP. Any idea why?? Thanks so much. I have also used the same tool to check ports 3074, 88 and 53. These ports are required for Xbox Live and I'm having an issue connecting. It connects to the internet fine, but it appears this port may be the problem. Please advise.

    Who is your ISP?
    Port no. 80 is by default on the router. You do not have to open port 80. For the Xbox open ports 53 and 3074. Also, under the Administration tab, disable UPnP, and uncheck "Filter Anonymous Internet Requests" under the Security tab. Reduce the MTU value to 1365 under the Setup tab. It should work now. Make sure that while doing the port forwarding you are providing the correct IP address on the router as well as on the Xbox.
    However, if your ISP is DSL, then convert the modem into bridge mode to make your Xbox work.

  • New Customer Experience with Port Forwarding

    OK, so my OpenReach Modem and HomeHub 3 were installed last week and all seemed OK at first.
    A bit of background:
    I'm a seasoned IT guy and have a nice network set up at home that caters for my needs (most of the time).
    Without going into too much detail, I have my own DHCP/DNS server and I run a Webserver for personal use.
    I have Virgin Broadband, which works most of the time.
    I've also just had BT Infinity installed so I should always have Internet access no matter which ISP is having issues.
    I was hoping to be able to access my webserver externally from either my BT or Virgin. I didn't think this would be an issue.
    It still all works fine through my Virgin connection. I use dynamic DNS (no-ip.org)  to get to my server. 
    On the Virgin Superhub I have DHCP switched off, and all my machines (except one at the moment) get the Virgin router assigned as the Internet gateway (via my own DHCP server).
    My test machine gets the BT Home Hub 3 assigned as the Internet gateway (also from my own DHCP server) and I have switched off DHCP on the Home Hub.
    Before I move on to my issue, I have to say that the above network setup works flawlessly.
    The Virgin Router is on 192.168.0.1, the Home Hub is on 192.168.0.2 (subnet 255.255.255.0).
    They are on the same network, but because DHCP is switched off on both routers, everything is happy.
    I can access my Server from the Internet via my no-ip.org address and it all works great.
    The issue:
    I thought it would be relatively simple to configure the BT Home Hub 3 to access my server from the Internet.
    Hmmm. Port Forwarding seems to be the issue. It just doesn't work reliably enough. Sometimes it works, then sometimes it stops working. Right now it's not working.
    At first I thought it was just me, not configuring it correctly. But no.
    Then I started reading this forum and found there are reports of issues with port forwarding going back a year.
    I don't know if that's a good or bad thing - an issue running that long must be on the verge of getting fixed, right?
    Or any issue running that long without resolution probably has no simple resolution or just isn't a priority (for BT) maybe.
    My Question:
    (and I think I already know the answer)
    Has anyone got a sure-fire way of configuring the HomeHub3 so the port forwarding works?
    Or should I just throw in the towel now and buy a Dual Wan Router? 
    One last note:
    This morning my Infinity Broadband Speed dropped from
    38Mb down/6Mb Up (measured several times yesterday)
    to
    0.7Mb down/0.3Mb Up (yes those decimal points are in the right place)
    And I haven't got a clue why.
    I power cycled the HomeHub and it returned to normal. Does this happen to other people?
    Cheers
    Graeme.

    Bullitt wrote:
    the port on your network is defined by lan ip address and port number eg 192.168.1.10:80
    you cannot forward this outbound port twice
    There is no "port on my network". A port is associated with an IP address, not a network.
    My webserver listens on port 80 - requests from the Internet for http are port forwarded by the router (either BT Homehub or Virgin Superhub) to port 80 at address 192.168.0.5 (in my case).
    If I am trying to access my webserver from the Internet, I point my browser at the WAN IP address of my router (again it doesn't matter which one - BT or Virgin) and the router port forwards the request to my Webserver.  Each router can do this independently. 
    "you cannot forward this outbound port twice"
    As explained above - It's an inbound port not an outbound port.
    I appreciate you are trying to be helpful, but just telling me something is not possible without explaining why it's not possible doesn't really help me.
    As I said before, this was working fine, then it stopped working, but only when trying to access my webserver via the BT Router. It still works fine from my Virgin Router. I used WireShark and port mirroring on my switch to prove that the Home Hub has stopped port forwarding inbound traffic to my webserver.
    This is a problem with port forwarding on the Homehub, not my network setup. Looking at other posts on this forum - I'd suggest I'm not the only one having problems.
    To be honest, it's the least of my problems with the HomeHub right now. I'm far more concerned with the fact that twice today I've had to power cycle it because the throughput has dropped from 38Mbit-down/6Mbit-up to <1Mbit-down/<1Mbit-up. It's a known problem, BT are working on it, yet I am still paying full price for a product that should never have made it out of Beta test.
    Graeme

  • ASA 5505 Site-to-Site VPN with multiple networks

    Hi,
    I have 2 Cisco ASA 5505s in different places with a Site-to-Site VPN connection between them. It's working fine for the networks where they are (10.1.1.0/24 and 10.2.1.0/24 respectively).
    Additionally, two subnets are connected to ASA1: 10.1.2.0/24 and 10.1.3.0/24, and one subnet is connected to ASA2: 10.2.2.0/24.
    The problem is when I'm trying to get to a host in a subnet behind ASA2 from a subnet behind ASA1, and vice versa.
    Any help would be greatly appreciated.

    It's all about the crypto ACL. You have to combine all networks behind ASA1 with all networks behind ASA2. You can use object-groups for that to handle it. What's the config of your crypto ACL?
    Sent from Cisco Technical Support iPad App
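    A worked version of that answer, added here and not taken from either poster: object-groups holding every network named in the question (10.1.1.0/24, 10.1.2.0/24, 10.1.3.0/24 behind ASA1; 10.2.1.0/24, 10.2.2.0/24 behind ASA2) and a crypto ACL that is the mirror image on each side. The object-group names, ACL names, crypto map name and peer addresses are assumptions, the NAT exemption assumes ASA 8.3 or later syntax, and the rest of the existing, working crypto map (transform set, tunnel-group) is left as it is.

```cisco
! ===== ASA1 (constructed example; group, ACL and map names are placeholders) =====
object-group network ASA1_LAN
 network-object 10.1.1.0 255.255.255.0
 network-object 10.1.2.0 255.255.255.0
 network-object 10.1.3.0 255.255.255.0
object-group network ASA2_LAN
 network-object 10.2.1.0 255.255.255.0
 network-object 10.2.2.0 255.255.255.0
!
! Crypto ACL: every local network to every remote network. The ASA expands the
! object-groups into all 3 x 2 = 6 network pairs, so a new subnet later only
! needs one extra network-object line (added on both sides).
access-list VPN_TO_ASA2 extended permit ip object-group ASA1_LAN object-group ASA2_LAN
!
! NAT exemption (8.3+ twice NAT) so tunnel traffic keeps its real addresses;
! without it the dynamic PAT to the outside interface rewrites the source and
! the packet never matches the crypto ACL.
nat (inside,outside) source static ASA1_LAN ASA1_LAN destination static ASA2_LAN ASA2_LAN
!
crypto map OUTSIDE_MAP 10 match address VPN_TO_ASA2
crypto map OUTSIDE_MAP 10 set peer 203.0.113.2
!
! ===== ASA2 (mirror image: same groups, ACL and NAT reversed) =====
object-group network ASA1_LAN
 network-object 10.1.1.0 255.255.255.0
 network-object 10.1.2.0 255.255.255.0
 network-object 10.1.3.0 255.255.255.0
object-group network ASA2_LAN
 network-object 10.2.1.0 255.255.255.0
 network-object 10.2.2.0 255.255.255.0
access-list VPN_TO_ASA1 extended permit ip object-group ASA2_LAN object-group ASA1_LAN
nat (inside,outside) source static ASA2_LAN ASA2_LAN destination static ASA1_LAN ASA1_LAN
crypto map OUTSIDE_MAP 10 match address VPN_TO_ASA1
crypto map OUTSIDE_MAP 10 set peer 203.0.113.1
!
! Check: the proxy identities on both ends must be exact mirrors of each other.
! show crypto ipsec sa | include ident
```

    If only the two original networks show up as local/remote identities, the ACL on one side still lacks the extra subnets; a mismatch between the two ends is the usual reason a Phase 2 negotiation for the new subnets fails.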

  • When I print a photo to my epson printer, it comes out larger than the original photo - so the photo prints beyond the borders. Tried readjusting all sorts of things but nothing helps. I had this same problem with my Canon. any ideas?

    When I print a photo to my epson printer, it comes out larger than the original photo - so the photo prints beyond the borders. Tried readjusting all sorts of things but nothing helps. I had this same problem with my Canon. any ideas?

    Crop to the print size before printing.
    LN

  • Hello! Help me please, I have a problem with the program occurred after the upgrade to version 3. 6. 16, namely by pressing the button 'Open a new tab' nothing happens. ?

    Hello! Help me please, I have a problem with the program occurred after the upgrade to version 3. 6. 16, namely by pressing the button 'Open a new tab' nothing happens. ?

    This issue can be caused by the Ask.com toolbar (Tools > Add-ons > Extensions)
    See:
    * [[Troubleshooting extensions and themes]]

  • Link Problem with port 2 in WLC 4402

    Hi,
    I have a problem with port 2 in a Wireless LAN Controller 4402. The problem is that distribution port 2 of the WLC does not link with the switch (3750). We received the WLC, followed the autostart wizard and enabled LAG. When the wizard finished, I restarted the system and everything worked fine. The two distribution ports of the WLC, 1 and 2, appeared UP and the LAG worked correctly. After this we upgraded the firmware of the WLC to version AIR-WLC4400-k9-6-0-182-0.aes and restarted the system again, but this time port 2 does not link while port 1 links OK. We do not know the reason why port 2 doesn't link. Could you help me?
    Thanks in advance.
    Regards.

    Does it properly refuse authentication ? Or does the login page stop appearing or something ?
    There was a bug with the webauth dying under heavy load, regardless of number of identical accounts used.
    One good way for you to check would be, when problem occurs, to create a second backup guest user and see if that would start working. If it doesn't, the account is not the problem.
    I'm not aware of any maximum of usage of the same account.
    Which 4.2 exactly are you running ?

  • If anybody has a problem with connection to the smtp server from iPhone

    If anybody has a problem with connection to the smtp server, just add a new server:
    Settings → Mail, Contacts, Calendars → your Me account → Account → under Advanced choose Mail → SMTP → Add Server
    smtp.me.com
    user name ([email protected])
    password
    Apple, I am in love with your product, please fix this so we could enjoy it even more.

    Might be something to help you here >  iCloud: Mail server information

  • Problem with call forwarding. Calls can not be forwarded for incoming external calls

    Hi Everybody, how are you?
    I have a problem with call forwarding. Everything was fine but now it is not working.
    At the reception of an office, the receptionist activates the call forward option to an internal extension. If somebody internal to the office calls the reception, the call is forwarded to the configured extension. But if I call from outside (for example, from my cellphone) the call is not forwarded to the configured extension and continues ringing on the reception phone. Why this behavior? Any idea?
    If you know something please tell me.
    Thanks. Best regards.
    Andres Collazos.

    I encountered a similar problem with 9.1.1.
    My problem is linked to this bug ID: CSCtq10477.
    Mathieu
