Port forwarding configuration

Similar Messages

• WRT54G V5 Port Forwarding Configuration Loss

  Hi All...
  Having a strange issue with my router item listed above. I go into the router and forward a list of about 12 ports for online gaming (in order to improve my NAT to "open"). Everything works fine for about ten minutes and then my NAT goes from Open to Moderate, which presents a whole slew of issues (bans you from certain servers, inhibits the use of voice with certain users on xbox 360 etc etc). A moderate NAT is bad for 360.
  So... I go into my router to check that the settings are there and they indeed are and using a diagnostic tool shows the ports are no longer open. So... apparently the linksys box has altered the configuration somehow that is not present in the GUI. If I save the settings again it does not reopen the ports so I am forced to restore the configuration file I created just after making the port forwards for the first time.
  So... The box reboots and the ports open back up... until about ten minutes pass and the ports close down once again. So in a nutshell, the configuration of my router is changing on its own and I don't know how to stop it. (Its alive!!!! hahha).
  Does anyone out there have any experience with this or the technical knowledge to assist? Linksys tech support and xbox tech support has been..... well.... not so helpful.
  Thank you for your time (sorry for the long post!)
  Brad G.

  well.....change the MTU settings to 1365 and enable DMZ instead of port forwarding.....ensure that the x-box has a static ip add and dns address....
  also, check the firmware on the router...if it is below v 1.01.1 , upgrade the firmware on the router...reset the router and reconfigure then

• Port Forwarding for L2TP/IPSec VPN Behind Verizon Actiontec MI424WR-GEN2 Rev. E v20.21.0.2

  I've got a NAS setup with various services running on custom ports to help minimize exposure (especially to script kiddies). I've tested everything both internally and externally to confirm they all work, and even had someone at a remote location confirm accessibility as well.  Port forward configurations performed on the Actiontec are working well. 
  I installed an L2TP/IPSec VPN server, tested internally and it connected successfully.  So for all intents & purposes, this validates that the VPN server is correctly configured to accept inbound connections and functioning correctly.
  I logged into the Verizon Actiontec MI424WR router, setup port forwarding for UDP ports 500, 1701 & 4500.
  Note: I added the AH & ESP protocols based on what I saw on the built-in L2TP/IPSec rules
  With the port forwarding in place, I tested VPN externally but it didn't connect.
  I've done the following so far to no avail:
  Double & triple checked the port forwards, deleted & recreated the rules a few times to be sure
  There are no other pre-existing L2RP/IPSec port forward rules or otherwise conflicting port forward rules (e.g.: another rule for ports 500, 1701 or 4500)
  There was an L2TP port triggering rule enabled, that I toggled on and off with no change
  Verified the firewall on VPN server had an exclusion for L2TP, or that the firewall is off. (Firewall is off to reduce a layer of complexity, but it worked internally to begin with so I doubt that's the issue.)
  Since it works internally, and there are no entries in the logs on the device indicating inbound connections, I'm convinced its an issue with the Verizon Actiontec router.  But unfortunately, I'm not sure what else to try or where else to look to troubleshoot this.  For instance, is there a log on the router that I can view in real time (e.g.: tail) that would show me whether or not the inbound connection attempt is reaching the device, and whether or not the device allowed or blocked it?
  My router details:
  Verizon Actiontec
  MI424WR-GEN2
  Revision E
  Firmware 20.21.0.2
  Verizon Actiontec built-in L2TP/IPSec rule templates.  They're not currently in use, but are baked into the firmware for easy configuration/selection from a drop down menu.
  Solved!
  Go to Solution.

  normally a vpn on that router, will have a GRE tunneling protocol as well.
  two ways to build the PF rules,
  Manually
  Preconfigured
  I know the preconfigured VPN rules will do the GRE protocol as well, but if you do it by hand you can't get it.

• Nginx client_ip in log file, with ssh -R Port forwarding

  Hi, everyone!
  First, I run a nginx server M1 (in my offce)  behind a router R1 and M1's IP addr is 192.168.5.126. I set nginx's log format like this:
  log_format main '$remote_addr - $remote_user [$time_local] "$request" '
  '$status $body_bytes_sent "$http_referer" '
  '"$http_user_agent" "$http_x_forwarded_for"';
  After that, I will get the correct client ip in the access log.
  192.168.5.88 - - [21/Apr/2015:11:12:47 +0800] "GET /js/date.js HTTP/1.1" 200 403 "http://192.168.5.126/" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36" "-"
  Then, I want to visit M1 outside (in the campus) .  Unfortunately, I can do nothing with the router R1. But I have a router R2 whose framework is OpenWrt and its IP 222.xx.xx.xx can be visited by anyone who has logged into the campus network.
  Then I wrote a autossh service to do that:
  [Unit]
  Description=AutoSSH service for local port 80 forwarded to 222.xx.xx.xx:80
  # place this in /etc/systemd/system/, than enable this.
  After=network.target
  Requires=nginx.service
  After=nginx.service
  [Service]
  Environment="AUTOSSH_GATETIME=0" "AUTOSSH_POLL=60" "AUTOSSH_LOGFILE=/var/log/nginxssh.log"
  ExecStart=/usr/bin/autossh -M 22000 -NR 222.xx.xx.xx:808:localhost:808 -NR 222.xx.xx.xx:80:localhost:80 -o TCPKeepAlive=yes -p xxxx [email protected] -i /home/username/.ssh/id_rsa
  [Install]
  WantedBy=multi-user.target
  Yeah, It works! BUT BUT when someone visits 222.xx.xx.xx, I lost the  the client ip in nginx log file. That would always be 127.0.0.1, why?
  127.0.0.1 - - [27/Apr/2015:00:34:07 +0800] "GET /static/mathjax/MathJax.js?config=TeX-AMS_HTML HTTP/1.1" 304 0 "http://222.xx.xx.xx:808/url/jakevdp.github.com/downloads/notebooks/XKCD_plots.ipynb" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:37.0) Gecko/20100101 Firefox/37.0" "-"
  After ``ssh -R Port forwarding``,  client ip is lost?
  If so,  what should I use to replace ``ssh -R``?
  Last edited by limser (2015-05-04 12:39:18)

  It seems there is a port forwarding configuration trouble with you modem.
  When you access from the WAN or from the LAN, you don't enter in you modem the same way, so the behavior is different.
  It seems that the port 22 of your modem is not directly forwarded to your server. The modem itself asks you a login/password. The key-pair authentification is between laptop and server. The modem itself is not recognized during this authentification.
  Don't touch your ssh-config. It's OK since it was working for monthes before you change your modem.

• HH3 Type B port forwarding not working.

  Hi there.
  I have searched absolutely everywhere for a solution to my problem before posting here. Basically port forwarding isn't working at all on my HH3 Type B router.
  I've read all about the problems people have had with the Type A's but as far as I see nobody seems to have a problem with the Type B in regards to port forwarding or loopback.
  I've set up port fowarding on many different routers with many different ISP's so I don't think it's something I'm doing, or rather, not doing but you never know.
  These are the steps I take when setting up port forwarding:
  Firstly setting up my static IP (obviously only needed to be done once) which I've chosen one outside of the routers DHCP range as I've always done in the past. Then I open the router screen, go to Settings / Advanced Settings / Port Forwarding / Supported Applications and click "Add new game or application".
  I then enter a name, change "Copy existing game or application" to "No", and then change the "Protocol" to UDP or TCP as needed (also have tried using "Any" too with no luck). Next add a "Port Range" for example 12345 - 12345 then add "Translate To" 12345 - 12345 (port ranges obtained from portforward.com per application) then click "Add" and repeat for additional ports as needed.
  Once that is all done, click "Apply" then go to Port Forwarding / Configuration or go to Home Network, select the applicable device and choose the newly added application from the "Port Forwarding" drop down list (and choose applicable device if doing it from Port Forwarding / Configuration). Click "Add" once application is selected.
  Add additional applications where needed then finally click "Apply" to store the forwarded ports.
  Close router page and port forwarding should be fully setup and working.
  That's basically how I would do it anyway, but I also checked on portforward.com and it says pretty much the same and on these forums as well as a few other sites and I see nothing different but port forwarding still isn't working.
  In my router "Event Log" it does show "The Port Forwarding entry of [xxx.xxx.x.xx] has been added or modified.".
  My Firmware version is V100R001C01B036SP03_L_B. Last updated 19/05/13.
  I have no firewall on my pc and the one enabled on the router is set to default but have also tried disabling it. Have tried enabling DMZ as suggested in various places with no luck and have tried changing UPnP settings again with no luck.
  So if anybody has any suggestions I am all ears because this is bugging me so much as there are a few applications and games that require port forwarding and are pretty useless without it really.
  Thank you.

  If you follow the instructions on this page, it should work. Please see note about CG-NAT.
  Port forwarding problems
  There are some useful help pages here, for BT Broadband customers only, on my personal website.
  BT Broadband customers - help with broadband, WiFi, networking, e-mail and phones.

• Port Forwarding on OSX 10.5 Server using Dynamic External IP Address

  I have been able to get Port Forwarding to work properly on OSX Server by following the documentation and following discussion:
  http://discussions.apple.com/thread.jspa?messageID=6700460
  The problem however, is that you specify a static ip address on the natd.plist file.
  I do not have a static ip address, and sometimes it changes. When this happens, of course all the port forwarding configuration will not work, and I need to replace the old external ip with the new external ip address.
  This is an easy task to be accomplished, however having the internal network down just for the change of ip address is a hassle.
  Is there any way the string entry can be updated with the ip address of the external interface (en0), instead of applying an ip address?
  <key>aliasIP</key>
  <string>17.128.128.128</string>
  I would like to have the ip address (ex: 17.128.128.128) to be updated automatically from my interface ip address. So if my external ip address changes to 17.128.30.30, the natd.plist file will be automatically updated with correct values.
  If I could do the following would be great but doesn't work
  <key>aliasIP</key>
  <string>en0</string>
  Any ideas on how to get this accomplished?
  Or better yet, can it be accomplished as of now?
  I know I can use IPNetRouterX (www.sustworks.com) and that will work just fine. Have tested using the trial and it works, however I do not want to spend $100 for the software either, and I bet there should be a way this can be done on OSX 10.5 Server.
  Thanks a lot!!!

  This would be best reposted in the appropriate Leopard server forum
  http://discussions.apple.com/category.jspa?categoryID=96

• Port Forwarding & Access List Problems

  Good morning all,
  I am trying to set up port forwarding for a Webserver we have hosted here on ip: 192.168.0.250 - I have set up access lists, and port forwarding configurations and I can not seem to access the server from outside the network. . I've included my config file below, any help would be greatly appreciated!  I've researched a lot lately but I'm still learning.  Side note:  I've replaced the external ip address with 1.1.1.1.
  I've added the bold lines in the config file below in hopes to forward port 80 to 192.168.0.250 to no avail.  You may notice I dont have access-list 102 that i created on any interfaces.  This is because whenever I add it to FastEthernet0/0, our internal network loses connection to the internet. 
  version 12.4
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname pantera-office
  boot-start-marker
  boot-end-marker
  no logging buffered
  enable secret 5 $1$JP.D$6Oky5ZhtpOAbNT7fLyosy/
  aaa new-model
  aaa authentication login default local
  aaa session-id common
  dot11 syslog
  ip cef
  no ip dhcp use vrf connected
  ip dhcp excluded-address 192.168.0.1 192.168.0.150
  ip dhcp excluded-address 192.168.0.251 192.168.0.254
  ip dhcp pool private
     import all
     network 192.168.0.0 255.255.255.0
     dns-server 8.8.8.8 8.8.4.4 
     default-router 192.168.0.1 
  ip auth-proxy max-nodata-conns 3
  ip admission max-nodata-conns 3
  ip domain name network.local
  multilink bundle-name authenticated
  crypto pki trustpoint TP-self-signed-4211276024
   enrollment selfsigned
   subject-name cn=IOS-Self-Signed-Certificate-4211276024
   revocation-check none
   rsakeypair TP-self-signed-4211276024
  crypto pki certificate chain TP-self-signed-4211276024
   certificate self-signed 01
    3082025A 308201C3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
    69666963 6174652D 34323131 32373630 3234301E 170D3132 30383232 32303535 
    31385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 32313132 
    37363032 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
    8100B381 8073BAC2 C322B5F5 F9595F43 E0BE1A27 FED75A75 68DFC6DD 4C062626 
    31BFC71F 2C2EF48C BEC8991F 2FEEA980 EA5BC766 FEBEA679 58F15020 C5D04881 
    1D6DFA74 B49E233A 8D702553 1F748DB5 38FDA3E6 2A5DDB36 0D069EF7 528FEAA4 
    93C5FA11 FBBF9EA8 485DBF88 0E49DF51 F5F9ED11 9CF90FD4 4A4E572C D6BE8A96 
    D61B0203 010001A3 8181307F 300F0603 551D1301 01FF0405 30030101 FF302C06 
    03551D11 04253023 82217061 6E746572 612D6F66 66696365 2E70616E 74657261 
    746F6F6C 732E6C6F 63616C30 1F060355 1D230418 30168014 31F245F1 7E3CECEF 
    41FC9A27 62BD24CE F01819CD 301D0603 551D0E04 16041431 F245F17E 3CECEF41 
    FC9A2762 BD24CEF0 1819CD30 0D06092A 864886F7 0D010104 05000381 8100604D 
    14B9B30B D2CE4AC1 4E09C4B5 E58C9751 11119867 C30C7FDF 7A02BDE0 79EB7944 
    82D93E04 3D674AF7 E27D3B24 D081E689 87AD255F B6431F94 36B0D61D C6F37703 
    E2D0BE60 3117C0EC 71BB919A 2CF77604 F7DCD499 EA3D6DD5 AB3019CA C1521F79 
    D77A2692 DCD84674 202DFC97 D765ECC4 4D0FA1B7 0A00475B FD1B7288 12E8
    quit
  username pantera privilege 15 password 0 XXXX
  username aneuron privilege 15 password 0 XXXX
  archive
   log config
    hidekeys
  crypto isakmp policy 1
   encr 3des
   authentication pre-share
   group 2
  crypto isakmp key xxxx address 2.2.2.2
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
  crypto map SDM_CMAP_1 1 ipsec-isakmp 
   description Tunnel to 2.2.2.2
   set peer 2.2.2.2
   set transform-set ESP-3DES-SHA 
   match address 100
  interface FastEthernet0/0
   description $ETH-WAN$
   ip address 2.2.2.2 255.255.255.0
   ip nat outside
   ip virtual-reassembly
   duplex auto
   speed auto
   crypto map SDM_CMAP_1
  interface FastEthernet0/1
   description $ETH-LAN$
   ip address 192.168.0.1 255.255.255.0
   ip nat inside
   ip virtual-reassembly
   duplex auto
   speed auto
  interface Serial0/0/0
   no ip address
   shutdown
  ip forward-protocol nd
  ip route 0.0.0.0 0.0.0.0 1.1.1.1
  no ip http server
  ip http authentication local
  no ip http secure-server
  ip nat inside source route-map SDM_RMAP_1 interface FastEthernet0/0 overload
  ip nat inside source static tcp 192.168.0.254 20 1.1.1.1 20 extendable
  ip nat inside source static tcp 192.168.0.254 21 1.1.1.1 21 extendable
  ip nat inside source static tcp 192.168.0.252 22 1.1.1.1 22 extendable
  ip nat inside source static tcp 192.168.0.252 25 1.1.1.1 25 extendable
  ip nat inside source static tcp 192.168.0.250 80 1.1.1.1 80 extendable
  ip nat inside source static tcp 192.168.0.252 110 1.1.1.1 110 extendable
  ip nat inside source static tcp 192.168.0.250 443 1.1.1.1 443 extendable
  ip nat inside source static tcp 192.168.0.252 587 1.1.1.1 587 extendable
  ip nat inside source static tcp 192.168.0.252 995 1.1.1.1 995 extendable
  ip nat inside source static tcp 192.168.0.252 8080 1.1.1.1 8080 extendable
  ip nat inside source static tcp 192.168.0.249 8096 1.1.1.1 8096 extendable
  access-list 1 remark CCP_ACL Category=2
  access-list 1 permit 192.168.0.0 0.0.0.255
  access-list 100 remark CCP_ACL Category=4
  access-list 100 remark IPSec Rule
  access-list 100 permit ip 192.168.0.0 0.0.0.255 10.0.100.0 0.0.0.255
  access-list 101 remark CCP_ACL Category=2
  access-list 101 remark IPSec Rule
  access-list 101 deny   ip 192.168.0.0 0.0.0.255 10.0.100.0 0.0.0.255
  access-list 101 permit ip 192.168.0.0 0.0.0.255 any
  access-list 102 remark Web Server ACL
  access-list 102 permit tcp any any
  snmp-server community public RO
  snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
  snmp-server enable traps vrrp
  snmp-server enable traps ds1
  snmp-server enable traps tty
  snmp-server enable traps eigrp
  snmp-server enable traps envmon
  snmp-server enable traps flash insertion removal
  snmp-server enable traps icsudsu
  snmp-server enable traps isdn call-information
  snmp-server enable traps isdn layer2
  snmp-server enable traps isdn chan-not-avail
  snmp-server enable traps isdn ietf
  snmp-server enable traps ds0-busyout
  snmp-server enable traps ds1-loopback
  snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config
  snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
  snmp-server enable traps disassociate
  snmp-server enable traps deauthenticate
  snmp-server enable traps authenticate-fail
  snmp-server enable traps dot11-qos
  snmp-server enable traps switch-over
  snmp-server enable traps rogue-ap
  snmp-server enable traps wlan-wep
  snmp-server enable traps bgp
  snmp-server enable traps cnpd
  snmp-server enable traps config-copy
  snmp-server enable traps config
  snmp-server enable traps entity
  snmp-server enable traps resource-policy
  snmp-server enable traps event-manager
  snmp-server enable traps frame-relay multilink bundle-mismatch
  snmp-server enable traps frame-relay
  snmp-server enable traps frame-relay subif
  snmp-server enable traps hsrp
  snmp-server enable traps ipmulticast
  snmp-server enable traps msdp
  snmp-server enable traps mvpn
  snmp-server enable traps ospf state-change
  snmp-server enable traps ospf errors
  snmp-server enable traps ospf retransmit
  snmp-server enable traps ospf lsa
  snmp-server enable traps ospf cisco-specific state-change nssa-trans-change
  snmp-server enable traps ospf cisco-specific state-change shamlink interface-old
  snmp-server enable traps ospf cisco-specific state-change shamlink neighbor
  snmp-server enable traps ospf cisco-specific errors
  snmp-server enable traps ospf cisco-specific retransmit
  snmp-server enable traps ospf cisco-specific lsa
  snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
  snmp-server enable traps pppoe
  snmp-server enable traps cpu threshold
  snmp-server enable traps rsvp
  snmp-server enable traps syslog
  snmp-server enable traps l2tun session
  snmp-server enable traps l2tun pseudowire status
  snmp-server enable traps vtp
  snmp-server enable traps aaa_server
  snmp-server enable traps atm subif
  snmp-server enable traps firewall serverstatus
  snmp-server enable traps isakmp policy add
  snmp-server enable traps isakmp policy delete
  snmp-server enable traps isakmp tunnel start
  snmp-server enable traps isakmp tunnel stop
  snmp-server enable traps ipsec cryptomap add
  snmp-server enable traps ipsec cryptomap delete
  snmp-server enable traps ipsec cryptomap attach
  snmp-server enable traps ipsec cryptomap detach
  snmp-server enable traps ipsec tunnel start
  snmp-server enable traps ipsec tunnel stop
  snmp-server enable traps ipsec too-many-sas
  snmp-server enable traps ipsla
  snmp-server enable traps rf
  route-map SDM_RMAP_1 permit 1
   match ip address 101
  control-plane
  line con 0
   logging synchronous
  line aux 0
  line vty 0 4
  scheduler allocate 20000 1000
  end
  Any/All help is greatly appreciated!  I'm sorry if I sound like a newby!
  -Evan

  Hello,
  According to the config you posted 2.2.2.2 is your wan ip address and 1.1.1.1 is the next hop address for your wan connection. The ip nat configuration for port forwarding should look like
  Ip nat inside source static tcp 192.168.0.250 80 2.2.2.2 80
  If your provider assigns you a dynamic ipv4 address to the wan interface you can use
  Ip nat inside source static tcp 192.168.0.250 80 interface fastethernet0/0 80
  Verify the settings with show ip nat translation.
  Your access list 102 permits only tcp traffic. If you apply the acl to an interface dns won't work anymore (and all other udp traffic). You might want to use a statefull firewall solution like cbac or zbf combined with an inbound acl on the wan interface.
  Best Regards
  Lukasz

• LRT224: Port Forwarding for a specific remote IP address

  Hi all,
  I want to create a port forwarding rule for a specific service (tcp port). But I want to ensure that only users from a specific internet IP address are able to establish a connection to this port, e.g. the remote address should be limited to 27.27.27.27.
  The port forwarding configuration page does not offer a field for entering a single remote ip or ip range. Is there a way to achieve this?
  Thank you for your help.
  Matthias

  Derfry, what you need is to configure two access rules under Firewall>Access Rules tab. One rule is to Deny all IP from accessing the service you are forwarding, and the other rule is to Allow the specific IP address.

• RV325 dual wan port forwarding

  RV325 firmware v1.1.1.19
  Each WAN has 1 static IP
  Can I forward different ports from WAN1 to different internal IP's?  
  The manual says there should be "interface" selection but the on port forward config but all I have is "service", "IP" and "status". 
  What I am trying to do is:
  WAN1:80 --> internal 10.0.0.101:80
  WAN1:10000 --> internal 10.0.0.162:10000
  WAN2:80 --> internal 10.0.0.102:80
  WAN2:10000 --> internal 10.0.0.253:10000

  What mpyhala posted is correct. Under the access rules you are actually able to select an interface.
  Unfortunately, it won't help you in regards to the port forwarding configuration you are trying to setup.
  On this router, you open the ports using port forwarding. You can configure access rules and select the right interface but it will not open any ports.

• RV042 Port Forwarding bypassing ACL

  I have a RV042 with Port Forwarding configured for RDP. This Port Forwarding Rule is being applied before my ACL - so subnets that are not authorized through are being allowed in. Firmware version 4.0.0.07. Any help would be greatly appreciated.                  

  Hi Eric, the default state table may be the problem.
  Try to make an access rule something like-
  Action Deny
  Service All
  Source interface WAN
  Source IP any
  Destination IP any
  Save
  Action Permit
  Service RDP
  Source interface WAN
  Source IP -xx.xx.xx.xx
  Destination IP - xx.xx.xx.xx
  Save
  -Tom
  Please mark answered for helpful posts

• E3000 ~ spontaneous port forwarding IP changes

  I have an E3000 with firnware 1.0.04. 
  A forwarded port is spontaneously changing the IP address assigned to it, but with no change indicated in the singel port forwarding configuration.
  I have a web server on IP=XXX.XXX.XXX.7, and another device on my LAN with an internal web server at IP= XXX.XXX.XXX.8.  The single port forwarding configuration is:
          HTTP, external port 80, internal port 80, protocol=TCP, to internal IP address xxx.xxx.xxx.7, enable checked
  The configuration is saved, and all works well for for hours and/or days and I can use the web host from the intenet as expected.  However, after a few days or hours the E3000 suddenly starts sending the http traffic to IP=xxx.xxx.xxx.8 instead of xxx.xxx.xxx.7.  When I log in to the router and look at the port forwarding page, it still says it's forwarding the http traffic to xxx.xxx.xx.7 ~ even though all http traffic is being sent to xxx.xxx.xxx.8!  I have to reboot the router to get the port forwarding to work properly.  If I leave the device at xxx.xxx.xxx.8 powered off, the router seems to work fine for extended periods.
  There are no port forwarding services in the router that reference IP=xxx.xxx.xxx.8 , and it does not appear that the port forwarding problem is related to DHCP.  All devices on my network have a reserved DHCP address based on their MAC.  It does not appear that the spontaneous port forwarding change occurs when when the xxx.xxx.xxx.8 device powers up and gets it's address via DHCP.  I have also deleted the xxx.xxx.xxx.8 device from the DHCP reservation table and simply access the device as needed by referencing it's IP, and xxx.xxx.xxx.8 is outside the range of DHCP assigned addresses, and the spontaneous port redirection still occurs once in a while.
  Is there a known bug where forwarded ports are sent to the wrong IP address?  Is there a fix in the works?  Is there other data I can gather that might help?

  Thanks for the reply.  I have a bunch of services running on several hosts, so configuring each port to forward to the proper host using the E3000 single port forwarding page is the only way to go.  It has been 4 days with uPNP turned off on the host (uPNP is still active in the router), and the problem has not occurred as yet.  However, sometimes it has taken over a week for the problem to occur.  So far things are looking good, and I am starting to believe that this host has been "stealing" port 80 by remapping it in the router via uPNP, albeit for reasons I do not understand.
  Because a uPNP device can change the port-to-DestinationIPAddress map in the router, the router really should be able to display the actual port map rather than just displaying the desired configuration.  Not being able to see the actual mapping make as much sense as not being able to not see actual DHCP assignments and only being able to see the desired DHCP configuration.  With the widespread deployment of uPNP, and considering the programming simplicty needed to display some table entries from the router's memory, this would seem an obvious and easy feature to add to the next firmware release.  A log of runtime configuration changes would be appreciated too, so that people can ascertain what device on the LAN caused a router configuration change and record what the changes were.  This sure would make troubleshooting a lot easier...

• Port forwarding on Sagem 2504 has stopped working

  I've had port forwarding configured and working on my Sagem 2504 router for months without issue.It suddenly seems to have stopped working.I have an unconfirmed suspicion this may be linked to the 3.18Skya4G firmware update - when was this update pushed out?I've tried deleting the rules and recreating them and also deleting/recreating the custom services and the rules. None of the above solves the problem.Someone else is reporting the exact same issue here. 

  Based on Borez' post I tried deleting everything and starting over. This *seems* to have fixed the problem. I believe the steps I followed were as follows:Delete all services and port forwarding rules.Reboot router.Recreate servicesRecreate rulesReboot routerSimilar to Borez the services/rules I recreated were identical to those which were there before - so no apparently good reason why this should have worked.

• How do I configure for port forwarding?

  I just relpaced my CISCO E3000 wireless router with an Apple Airport Extreme and need to set up port forwarding.  I find the Airport Utility confusing and very limited in capabilities.  How do I configure the router for Port Forwarding?

  Here's a document that you can follow:  https://discussions.apple.com/docs/DOC-3415
  However, I ran into an issue with setting this up and had to do a work-around: Custom Port Forwarding Config Not Working

• RV082 Port Forwarding or DMZ Configuration Assistance

  Greetings Community,
  I have an RV082 V2 with 2.0.2.01-tm and I am having trouble with getting my Sprint Airvana to connect properly to the mobile service.  Many suggestions I've read on the Sprint forums indicate putting the Airvana in the DMZ generally allows the device to work properly; however, none have the RV series routers for tips on how to do this appropriately.  This device used to work fine behind the RV082, but I reset it one day and it no longer works.
  The Airvana is a femtocell/router device with a WAN port and 3 LAN ports.  If I connect the Airvana directly to my cable modem, I get the appropriate connection and can then make calls through the device instead of through the Sprint connection; I live in a basement unit and get crappy signal without the device.  This proves the device works and that my ISP is not blocking the ports.  Sprint indicates the device uses UDP 53, 67, 68, 500 and 4500.  Their support sucks and they insist I put the Airvana before my router.  I absolutely do not want to use the Airvana as the router.  There are almost no configuration options in the router interface and it needs to be rebooted somewhat regularly, which would drop internet access throughout the house for 10-15 minutes while it reboots and finally establishes an internet connection.
  As soon as put the Airvana behind the RV082, I no longer get the appropriate connection.  I can, however, plug my computer into one of the LAN ports on the Airvana and connect to the internet in general.  I have the router assign a static IP to the Airvana, and tried forwarding the required UDP ports to the IP.  This did not fix the problem.
  I can certainly troubleshoot the port forwarding issues, but I would also like to look into putting the device into the DMZ, if possible.  I've not worked much in this area, so I am unsure how to appropriately configure the router to allow this to happen.  Is it possible to have the Airvana in the router DMZ without having a public IP for the device itself?  It seems this is something that can be done, but I could be mistaken.  If so, how is that done?
  Please feel free to ask any clarifying questions and I thank you in advance for any assistance you may provide.

  I apologize in the delay in getting back to this post; however, it dropped to the bottom of my priority list for a while.  As a workaround, I used the Airvana device as my router temporarily; however, I have the time again and would like to get it setup behind the RV082 again.
  It does not appear the device supports UPnP.  I had that enabled for some other applications already.
  According to http://tinyurl.com/AirvanaPorts I need the following UDP ports open: 53, 67, 68, 500, 4500.  Another suggestion from a Sprint rep was to also open/forward TCP 5060 and 5061.  I have the ports forwarded to the device as shown below and have confirmed the device has the correct IP address.  The device gets a valid internet connection (verified by plugging a computer into one of the LAN ports on the Airvana device; however, it still does not connect to the Sprint service like it should.  I am guessing there is another port and/or the Sprint article has incorrect information.
  To check this, I'm thinking I need to set the device up in the DMZ, but I'm not sure exactly what I need to do for proper configuration.  Is it as easy as enabling the DMZ port and plugging the device in, or are there other settings needed?  Is there anything else I may be missing for the Port Forwarding?

• BT HomeHub 4 - Cannot configure Port Forwarding

  so I want to open port forwarding on my HH4 to set up Vodafone Sure Signal which stopped working when infinity installed. the instructions at 
  http://bt.custhelp.com/app/answers/detail/a_id/43715 
  bear no relation to what I get on Home Hub Manager please advise....

  Here is an example of the settings for an IP camera connected to a home hub 4.
  http://forumhelp.dyndns.info/hardware/cctv/foscam/foscam.html
  It should give you some extra guidance.
  There are some useful help pages here, for BT Broadband customers only, on my personal website.
  BT Broadband customers - help with broadband, WiFi, networking, e-mail and phones.