OpenVPN IPv6 client, IPv4 server, Port forwarding?

Similar Messages

• Media Server port forwarding

  Hi
  I have a HP Mediasmart WMS and I hope I have:
  Opened port 80
  Opened port 443
  Opened port 4125 (although if you test it says it is closed)
  I have also ensured that my Mediasmart is always receiving the same IP address.
  I still cant access the server remotely though....
  Any help would be much appreciated

  Since you have not had a reply.
  Have you opened both UDP and TCP?
  If my post was helpful then please click on the Ratings star on the left-hand side If the the reply answers your question fully then please select ’Mark as Accepted Solution’

• Use iptables on DMZ server to port forward

  Hello!
  My ISP have this great idea that we have to go to their site to do port forwarding and changing settings on the router/modem, so I was thinking to just set one of my servers as a DMZ, and do port forwarding with iptables on that server.
  The problem is that I can't find out how I can make packets coming in on one port go out to another ip in the LAN.
  Here is my network setup:
  1. Combined router, modem and wireless AP.
  2. Apple AirPort Express connected to the Wifi
  3. switch connected to the AirPort Express with ethernet.
  4. two servers connected to the switch(also with ethernet).
  the two servers have ip adress 192.168.2.3 and 192.168.2.4. And I have set up 192.168.2.3 as DMZ.
  How do I use iptables to route connections that is coming to 2.3 on a speciffic port to 2.4?

  hunterthomson wrote:
  Well, I have kind of turned into an arno-iptables-firewall fanboy. I mean really, you can read through the script in /usr/sbin/arno-iptables-firewall  Super well commented and written very well. It covers all your bases.
  You will want to use the updated package listed in the comments.
  http://dl.dropbox.com/u/1367726/arno-ip … all.tar.gz
  You will also want the SystemD Unit file
  https://aur.archlinux.org/packages/syst … -firewall/
  To do NAT and Port-Forwarding... basically just read through the whole firewall.conf and when you hit the bottom your done.
  But really, you just need to change these things.
  /etc/arno-iptables-firewall/firewall.conf
  Line #41, put your Internet facing interfaces here.
  Line #46, Probaly want to set this to '1' becuase it sounds like the server dose get it's IP from DHCP... but that is a bad idea because it needs to have the same IP all the time... so maybe leave it disabled '0'
  Line #87, Put your LAN facing interfaces here
  Line #94, Put the LAN network here, So like if your Internet facing network is 192.168.2.0/24 you could make the LAN 192.168.4.0/24
  Line #140, Change this to '1' to enable NAT for your LAN
  Line #162, Change this to '1' to enable Port-Forwarding
  Line #193-195, Here is where you define your port-forwards,
  Example: Forward TCP port 22 to host 192.168.4.55 and TCP port 80 to 192.168.4.66
  --> Line 193, NAT_FORWARD_TCP="22>192.168.4.55 80>192.168.4.66"
  Then open port 22 and 80 on the WAN side so they 'can' be forwarded.
  Line #1170, OPEN_TCP="22 80"
  You should also check out the config's in the plugins directory. This is where you get your moneys worth...
  ssh-brute-force-protection.conf
  ids-protection.conf
  traffic-shaper.conf
  ipv6-over-ipv4.conf
  traffic-accounting.conf
  transparent-proxy.conf
  multiroute.conf
  ipsec-vpn.conf
  And More !!!
  Thanks for answer. But it seems like you missed that the server is only connected to the LAN, never to the internet.

• Port forwarding for external access to VNC server on multiple machines

  I will have 10 PCs connected to the WRT54GL wireless AP. I am testing with 1. It has a static addresses 10.155.22.51. It is running a VNC server at port 5951.
  If I  set my VNC client up to access 10.155.22.51:5951 it works through the WRT54GL wireless AP.
  I set the WRT54GL port forwarding to 5951 - 5951, set the IP address to 10.155.22.51 and enable. The external address of the AP is 10.155.0.29 on the company LAN.
   So I set the VNC client to access the AP address with the VNC port, i.e. 10.155.0.29:5951. I expect the AP to change the address to 10.155.22.51:5951. This does not work.
  Note: the problem could be that the AP is going through NATting because I can also access it at 10.155.22.9 along with all the other PCs on that LAN, i.e. I can access the LAN directly from elsewhere on the company net.

  You can try changing the IP of the AP manually ... connect it to the Computer  ..... access the setup page using http://192.168.1.245  .... use password as admin ....
  Configure the IP settings first ...
  Again login with new IP address .... configure wireless settings .....
  Power down the AP & then the router ....
  Wait for few minutes .... then power on the router ...first then the AP ...

• Port forwarding for EYEMAX DVR on WIn Server 2012

  We were using router as a network controller in our lan. Now we replaced router with the Server (win 2012 r2 essentials). We have a EYEMAX DVR client software to connect to a remote ip in the  web. 
  Previously, on the router i had port forwarding setup and EYEMAX was working. When we replaced router with a server i can no longer connect. I guess there are similar setting to be made on a server, but i can't find what to do. It is definitely
  not  a Firewall (when i turn it off EYEMAX still don't work).
  There is an instruction ( http://site.camtechsurveillance.com/downloads/remoteacc.pdf ) how to setup a router to work, but i don't know how to apply similar changes on the server.
  TL;DR.
  How to do same stuff on the server as here http://site.camtechsurveillance.com/downloads/remoteacc.pdf

  Hmm I probably would have left the router in the circuit. You might ask over here.
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/home?forum=winserveressentials
  Regards, Dave Patrick ....
  Microsoft Certified Professional
  Microsoft MVP [Windows]
  Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

• Do I have to use port forwarding in router to log my essential server 2012 from outside

  hi,
  1--do I have to use port forwarding if I have only essential server 2012 in my home?
  2- what is exactly the benefit of port forwarding,  besides the converting static IP adres to internal IP adres for clients?
  thanks
  johan
  h.david

  Yes.
  It allows certain ports to be accessed externally through your firewall, whilst blocking other ports.
  You need to allow access to TCP Port 80 and 443 for Essentials Server.
  Robert Pearman SBS MVP
  itauthority.co.uk |
  Title(Required)
  Facebook |
  Twitter |
  Linked in |
  Google+

• Lync Edge and Proxy server public DNS records port forwarding rules

  Hi All
  I have question in regards to port forwarding rules for port 443 of simple url.
  I have 4 public ip addresses.
  1 edge server (4 nics , 3 running with different ip for sip, meet and dialin in DMZ network, 1 connected to internal local network).
  1 proxy server (2 nics, 1 running with an ip which is in DMZ same as edge, and 1 connected to internal local network)
  1 front end (lync 2013 standard installed.) connected to internal local network
  1 office web apps . connected to internal local network
  The question is that I am using 3 public ip addresses respectively on public DNS records for sip, meet and dialin(av) and using port 443 which has been set on edge server. So , I can use 3 DMZ network ip address on edge for sip, meet
  and dialin (av) port forwarding from 3 public ip addresses as per in Microsoft document.
  However, I also have a reverse proxy .Hence, my understanding is all public DNS records except SIP and port 443 should be pointed and port forwarded to reverse proxy ip address which is in DMZ network as it would redirect 443 and 80 to 4443 and 8080 to front
  end.
  Now the question has been clear, if simple URLs public DNS record and port forwarding rules for port 443 should be pointed to reverse proxy server, why they need to be set on each ip address and port number in Front end server topology to edge server?
  If anyone knows, please give a help how to set it correct and what is supposed to be a correct configuration for a topology lync 2013

  Hi George
  Thanks for your reply. Attached is my topology which could make my it bit clear. You may see the public dns host record from the image. I set sip, meet, dialin , and owa 4 host records. The first 3 records are pointed to lync edge by doing a NAT with port
  443 which is the same as per you said. However my understanding is they should be pointed to reverse proxy instead as for instance, I need meet.xxx.com with port 443 to be redirected to port 4443 through reverse proxy server to the front end. So when the external
  customers who do not have lync client installed to their machine then we can shoot a lync meeting and send to them via outlook and they just need to click on join lync meeting link in the email to join in such a meeting based on IE. (Is my understanding correct?)
  If lync web meeting works like so , then the question is why I need to set three SAME addresses in front end topology builder for edge and make them point to edge server instead?　
  １. Access Edge service (SIP.XXX.COM) ---> I understand that it is used for external login lync front end.
  2. Webconf edge server(Can I set to meet.xxx.com which is the same as simple URL that points to reverse proxy?) ----> If I can set this address to be the same as simple url address that points to reverse proxy, why should it need to be NATed to edge
  instead? TO BE HONEST, if I HAVE tested, if I set this url as sip.xxx.com which means to use a single FQDN and ip address with port 444 and points simple url meet.xxx.com to reverse proxy, it will still work to join lync meeting sent by
  outlook.I DO NOT REALLY UNDERSTAND WHAT this URL used for at this stage.
  3. AV edge --- same as webconf
  Regards
  Wen Fei Cao

• I need help changing settings (port forward?) after a physical server move

  Hi! I have a 10.6 server that I use at home. All is well and good there. The Airport Extreme assigns IP addresses for the network. I have www.mydomain.com that runs on the server -- I use it for testing web apps, etc. I use DynDNS with their client app that send the Comcast dynamic IP address back to DynDNS to keep the server on the grid.
  My friend has a 10.6 server. He has www.hisdomain.com as a home business. He also uses DynDNS in a similar way. His landlord just informed him that his apartment is going to be sold from underneath him and he has to move ASAP. It looks like he won't have a permanent place for a month or two, so I offered to let him keep his server at my place.
  We both run websites on port 443 and port 80.
  After attaching his server to my network, his domain name updates, but typing www.hisdomain.com into a browser lands me on www.mydomain.com. I guess that the problem is port forwarding... the router sends all 443 and 80 requests to my server.
  How do I configure this so that services for hisdomain.com are forwarded to his server while services for mydomain.com are forwarded to my server?

  Short answer: you can't, although there are a couple of ways to sort-of kluge it.
  Long answer: When your router gets an incoming connection, the only thing it has to go on is the IP address and port number (the domain name is sent much later, after TCP session with the server is established). So unless you have multiple public IP addresses (and a router that can handle them), or want to put the sites on different ports...
  Speaking of which, here's kluge #1: run his server on different ports (e.g. 81 and 444, or maybe 8080 and 8043) and set the router to forward them to his server. Problem: the user has to include the port number in the URL when they connect, or they'll get your server.
  Partial solution (and kluge #2): add a virtual site on your server, with the hostname www.hisdomain.com, go to its Aliases section, and add a rule in the URL Aliases & Redirects section, with these settings:
  Type: RedirectMatch
  Pattern: (.*)$
  Path: http://www.hisdomain.com:81$1
  Then build an SSL version that redirects to https://www.hisdomain.com:444$1. Problem: when the client connects, they'll get your SSL certificate instead of his (again, it happens before the client sends the domain name it's trying to reach), and get a cert error. No fix for this.
  Kluge #3: instead of making the virtual site redirect clients to his server, add a reverse proxy so your server'll transparently forward requests to his server, and proxy the replies. I haven't done this, but I think what you need to do is make a virtual site (as above), and under its Proxy tab (the one under the virtual site, not the one under the Settings section), check the Enable Reverse Proxy box, leave the Proxy Path as "/" and the Sticky Session Identifier field blank, and add a Balancer member with the Server URL "http://hisinternalipaddress" and a blank Route. Or something like that. Again, you could do the same for https as well, but you'll have the same certificate problem.

• Defeat Port Forwarding Via A Server Passing a Connection

  Is the following possible?
  There are 2 Users. User A and B.
  Both are behind a router and therefore need to enable
  port forwarding first before they can make a direct connection.
  Both connect to a Server that passes data from A->B, B->A
  Is there a way to establish a direct connection somehow?
  Like somehow having the server "pass" its connection with B to A?

  Do you in fact have an address that can beconnected to?
  Yes. Both users know the IP of the router they are
  trying to connect to.
  For a direct connection I thought the only way to do
  this was port
  forwarding. But if they connected to a server first I
  was hoping there
  would some way around port forwarding.
  Still not sure what you mean. A connection, all connections, even when port forwarding is involved, still requires connecting two computers together. One is the client (connects to) and one is the server (connected to.)
  Essentially, you know how if someone behind a router
  connects
  to you, once you have that connection established you
  can send
  them data without them having port forwarding. Once
  they connect
  to you, you have that 2 way communication.
  That isn't what happens.
  What happens is that the connection is to the router. And that connection is the only one that exists for the client. What happens is that the router then sends messages to the server (behind the router) and responses from the server are then gathered by the router, repackaged, and sent to the client.
  Now if both people are behind a router neither can
  connect to the other without at least one having
  forwarded a port. But if they both connect to a
  server first..... can they establish a direct
  connection somehow?No to the second part.
  Keep in mind that the first part suggests the possibility of some implicit assumptions that would be incorrect. A connection request by the client is managed by the router. The router actually repackages the client request, and it is the router that is actually doing the connection.

• Time Capsule disconnects internet when using web server through port forwarding

  My current config is: 2TB Time Capsule running 7.6.3, Mac Pro running Lion (10.7.5), MacBook Pro running Mountain Lion (10.8.3), and a couple of MacBook Pro Retinas running Mountain Lion. My current ISP is Comcast.
  I have the Time Capsule set up to port forward port 80 to the Mac Pro for the purpose of running a web server. Most of the traffic is shuttling fairly large m4v files back and forth to work (work product from video editing work). I can reach the webserver on the Mac Pro just fine from the outside world, and can list files in the directory just fine. When I initiate a download (via right click on a link, "Save As..." or whatever), the Time Capsule reports that the Internet has been disconnected, and all machines inside my network lose access to the outside world. I have to either power cycle the Time Capsule, or disconnect/reconnect the Cat-6 cable between the cable modem and the Time Capsule to re-establish the connection. Interestingly, the download continues and completes on the other end without issue (so, the connection is actually still there!).
  Before switching to Comcast, I was on AT&T Uverse - Uverse includes a router, so I had the TIme Capsule set up in Bridge Mode. That worked fine. I also have an older 500GB 1st generation Time Capsule. I set it up with the same config as my 2TB TC, and it shows the exact same behavior - internet disconnects upon initiating a file download through a forwarded port. I then hooked the Mac Pro up directly to the cable modem. I can initiate a download without issue, and I continue to stay connected to the Internet without problem. Called Comcast anyway - they report no errors on the line, but reset the whole device chain anyway. No change in behaviors.
  I tried downgrading the Time Capsule software to 7.6.2 (the earliest version that came on it). No dice, same behavior.
  So... I called Apple. Complete and utter FAIL. Apple Support reports that they have no training in the port forwarding features of the Time Capule or Airport products, and cannot help me resolve the issue because of that. So, I have a $300 router that apparently cannot perform a simple routing function (download through a forwarded port), that I cannot troubleshoot (because Airport software v7 is an epic fail in that regard), made by a company who cannot support it - and everything this $300 device is doing can be done by a $50 device with a $100 external hard drive?
  Do I understand this situation correctly? What have I missed in trying to troubleshoot this thing?

  Apple Support reports that they have no training in the port forwarding features of the Time Capule or Airport products, and cannot help me resolve the issue because of that. So, I have a $300 router that apparently cannot perform a simple routing function (download through a forwarded port), that I cannot troubleshoot (because Airport software v7 is an epic fail in that regard), made by a company who cannot support it - and everything this $300 device is doing can be done by a $50 device with a $100 external hard drive?
  Do I understand this situation correctly? What have I missed in trying to troubleshoot this thing?
  Excellent summary.. I think you have covered all the salient points most thoroughly.
  Port forwarding on the TC I would put into the category of "epic fail"
  I have a nasty feeling it just doesn't work in many cases. Clearly from your situation the port is forwarded correctly.. it is the actual download that is causing the device to crash.. which is probably not the port forwarding itself that is at fault but rather the external link and opening another port for the download to happen.
  Many of the issues were caused by using icloud and btmm.. which would work a lot better btw. Although the hassle there is needing to offer that as a service to any Tom Dick or Harry.
  Let me suggest a work around or other things to try.
  I also have an older 500GB 1st generation Time Capsule. I set it up with the same config as my 2TB TC, and it shows the exact same behavior - internet disconnects upon initiating a file download through a forwarded port.
  Use 5.6 utility.. more info below. And take the firmware of this unit (Gen1) back to 7.5.2 (before icloud mess ups in 7.6).
  You can go back to 7.5 firmware also in Gen4 TC if it is more than about 14months old.. Simply hold down the option key when you select firmware and the old versions will show up. If your TC came with 7.6.1 (the 7.6.2 was withdrawn as it was even bigger failure than 7.6.3). then you cannot go back.
  You might also find downloading via http is not as reliable as using FTP.. FTP is a better and more efficient protocol. It should be no problem to setup ftp server on the mac pro to allow download via ftp even with a browser.
  But in the end.. your $50 router suggestion.. well perhaps a little more than that.. $80-100 will work very well.. also this router can be setup with a Hard Disk and offer the files to the internet via FTP.. without needing full network access to your internal network.
  How to load 5.6 into ML.
  1. Download 5.6 for Lion.
  http://support.apple.com/kb/DL1482
  Click to open the dmg but do not attempt to install the pkg.. it won't work anyway.
  2. Download and install unpkg.
  http://www.timdoug.com/unpkg/
  Run unpkg on the desktop.. it is very simple.. drag the AirPortUtility56.pkg file over to unpkg.. and it will create a new directory of the same name on the desktop.. drill down.. applications utilities .. there lo and behold is Airport utility 5.6 .. drag it to your main utilities directory or just run it from current location.
  You cannot uninstall 6.1 (now 6.2 if you updated) so don't try.. and you cannot or should not run them both at the same time.. so just ignore the toyland version.. the plastic hammer.. and start using 5.6.. a real tool.
  For screen shots see this post.
  https://discussions.apple.com/thread/4668746?tstart=0

• Port Forwarding for Counter Strike Server - DSL Modem to Linksys Router then to my Laptop (wifi)

  Hi,
  i have read many posts here but did not find any solution. Below is my current situation.
  Objective: I want to create a Counter Strike 1.6 Server and for that i have to forward port 27015.
  Networking Issues: Im currently using a Shiro (Dsl Modem) which is given by my ISP & i have connected my DSL modem to my Linksys WRT54G (ver 7.2) router. I connect my laptop thorugh wifi to router.
   I know basic port forwarding but that does not help me. I need a complete tutorial on this issue coz i dont have much network knowledge.
  waiting for reply
  thank you

  Try this link to forward port for Counter Strike on the router.

• How to port forward in windows server 2012 ? for IIS

  Hi,
  I have windows server 2012 in AWS cloud (Public IP)
  Installed IIS 8 and running website in the port 8980 and its working fine (Public IP)
  My question is
  I have CNAME record in Godaddy in the name of example.com which is pointed to my PUBLIC IP ... its working fine. 
  But I want to know how to port the 80 request to 8980 in windows server 2012 thanks.
  Wes

  Hi,
  According to your description, my understanding is that you want that example.com(in Godaddy) to transfer corresponding queries(port and website name) to the website on WS 2012(in AWS cloud).
  Since your domain example.com is supported by Godaddy, I recommend you to contact the supporter of Godaddyand confirm that if their product supports port forwarding.
  In general, if you useWindows ServerInstruction, we may enable NAT(Routing and Remote Service) on network interface to redirect services/ports.
  Best Regards,
  Eve Wang
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Port Forwarding on OSX 10.5 Server using Dynamic External IP Address

  I have been able to get Port Forwarding to work properly on OSX Server by following the documentation and following discussion:
  http://discussions.apple.com/thread.jspa?messageID=6700460
  The problem however, is that you specify a static ip address on the natd.plist file.
  I do not have a static ip address, and sometimes it changes. When this happens, of course all the port forwarding configuration will not work, and I need to replace the old external ip with the new external ip address.
  This is an easy task to be accomplished, however having the internal network down just for the change of ip address is a hassle.
  Is there any way the string entry can be updated with the ip address of the external interface (en0), instead of applying an ip address?
  <key>aliasIP</key>
  <string>17.128.128.128</string>
  I would like to have the ip address (ex: 17.128.128.128) to be updated automatically from my interface ip address. So if my external ip address changes to 17.128.30.30, the natd.plist file will be automatically updated with correct values.
  If I could do the following would be great but doesn't work
  <key>aliasIP</key>
  <string>en0</string>
  Any ideas on how to get this accomplished?
  Or better yet, can it be accomplished as of now?
  I know I can use IPNetRouterX (www.sustworks.com) and that will work just fine. Have tested using the trial and it works, however I do not want to spend $100 for the software either, and I bet there should be a way this can be done on OSX 10.5 Server.
  Thanks a lot!!!

  This would be best reposted in the appropriate Leopard server forum
  http://discussions.apple.com/category.jspa?categoryID=96

• WRT610N V1 will not allow port forwarding via HP Mediasmart Server

  I have the WRT620N router and an HP MediaSmart server connected to it.  My source is a cable modem.  WHen I try to set up the server for remote access, the router is not found.  I am continually getting "Port Forwarding failed" errors from the server.  I also have several iPhone apps used to control devices on the network (DVR, BluRay player,etc) that will not connect.  (These worked before I changed to this router.) 
  I have verified that the UPnP is enabled.
  I have been struggling with this issue for several months and have not had any luck getting help from the forums, but will tryi again.
  Any help would be appreciated.
  Thanks,
  Joel WZ
  Thanks,
  Joel WZ

  Did you tried to enable Remote Management Access on the router setup page?
  If no, then Enable Remote Management Access under Administration tab and then check.

• WRT610N - Need to Set Static IP for Server and Port Forwarding

  Does anyone know how I can assign a static IP for my Home Media Server in the WRT610N router? I need to do this because of the settings I need to set for the server in the Single Port Forwarding.
  Thanks in advance!

  Never mind. I got it.