Port forwarding details
Hello, I want to port forward protocol 8443 to a server behind my Cisco router.
My Cisco router is in turn connected to an ADSL PSTN facing router.
I understand the command to do this would be:
ip nat inside source static tcp {localServerIPAddress} 8443 fastethernet 0/1 8443
My question is; do I still need to define "ip nat insde" to fa0/1 of my Cisco router ?
Do I need to do anything else ? (n.b. I have already opened ip the port on the ADSL router and pointed it towards my Cisco router)
Thanks for confirmation.
You could just point your ADSL NAT directly to your sever as well. That should work if your Cisco router isn't currently NATing and the ADSL router has a route to that subnet.
Also no you don't need the IP NAT source list. The static NAT is all you need.
Sent from Cisco Technical Support iPhone App
Similar Messages
-
Port Forwarding Question - Detailed
Hi,
I hate wasting people's time, so I will give you very detailed information.
So here's an overview of the network. I have a WRT54G with V4.21 firmware on it. I also have a WRE54G Range Expander. Both are secured. We have 3 desktops, 2 laptops, and some game consoles hooked up to the wireless internet, with nothing connected with an ethernet cable (all wireless).
A friend and myself want to play an online game, which requires one person to be a server, and one to be a client. He doesn't have access to his network configurations, so I will end up being the server.
I have setup port forwarding, and the program gives me a Socket Error of 10061 - Connection was refused forcefully.
The port is 1001 that we need open.
I have checked with my ISP, and have found that they are not blocking any ports, so I know that is not an issue.
If I hook the computer up directly to the modem, it works fine, so it is definitely a forwarding issue.
I have DHCP turned off on the computer, my local IP address is 192.168.1.106
My port forwarding settings look like this.
Application: (Blank... but I have used other names during tests)
Start: 1001
End: 1001
Protocol: Both (I have also tried TCP and UDP individually)
IP Address: 192.168.1.106 (my static IP address)
Enabled: True
I have also tried turning the SPI Firewall Protection off, as well as Block Anonymous Internet Requests.
The IP address that the person is using to connect to the computer with is my router's IP address (which is propagated directly from the modem). With the port 1001. This is the same combination used when the computer is hooked up directly to the modem, however with it behind the router, the forwarding just doesn't seem to handle the forward.
I have tried it with Windows Firewall turned off, as well as my Norton AV.
I have also created exceptions and completely opened port 1001 in Windows Firewall just in case.
I've also tried just simply restarting the computer.
I'm tapped out of ideas... can anyone else suggest anything?
Message Edited by Joker_69 on 05-13-2008 01:53 AMAlright, I went through the checklist, and every single step in the checklist checked out, except for connecting from outside the LAN. I can connect to the server through 192.168.1.150:1001, but not through xxx.xxx.96.215:1001.
Here are all settings that have been changed (everything else should be assumed to be default values):
Wireless/Security:
Security Mode: WEP
Default Transmit Key: 1
WEP Encryption: 128 bits 26 hex digits
Passphrase: Have been set
Key 1, 2, 3, 4: Have been set
Security/Firewall:
Firewall Protection: Disable
Block Anonymous Internet Requests: False
Filter Multicast: True
Filter Internet NAT Redirection: False
Filter IDENT(Port 113): True
Applications & Gaming/Port Range Forward:
Application: (no name given)
Start: 1001
End: 1001
Protocol: Both (TCP & UDP)
IP Address: 192.168.1.150
Enable: True
Now, here is the Status Page of the Router:
Firmware Version: v4.21.1, Nov. 6, 2006
Current Time: Tue, 13 May 2008 23:47:26
MAC Address: xx:xx:xx:02:11:F5
Router Name: WRT54G
Host Name:
Domain Name:
Login Type: Automatic Configuration - DHCP
IP Address: xxx.xxx.96.215
Subnet Mask: 255.255.192.0
Default Gateway: xxx.xxx.64.254
DNS 1: xxx.xxx.133.68
DNS 2: xxx.xxx.133.100
DNS 3:
MTU: 1500
Here is the copy from ipconfig /all (with IP's blocked out):
Windows IP Configuration
Host Name . . . . . . . . . . . . : xxxxx-xxxxxxxxx
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Wireless-B PCI Adapter
Physical Address. . . . . . . . . : xx-xx-xx-0D-39-EC
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.150
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : xxx.xx.133.68
xxx.xxx.133.100
Here is my netstat -an:
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:25 0.0.0.0:0 LISTENING
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:443 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1001 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5051 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5101 0.0.0.0:0 LISTENING
TCP 0.0.0.0:7501 0.0.0.0:0 LISTENING
TCP 0.0.0.0:21159 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1026 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1045 0.0.0.0:0 LISTENING
TCP 127.0.0.1:3668 127.0.0.1:3669 ESTABLISHED
TCP 127.0.0.1:3669 127.0.0.1:3668 ESTABLISHED
TCP 127.0.0.1:3670 127.0.0.1:3671 ESTABLISHED
TCP 127.0.0.1:3671 127.0.0.1:3670 ESTABLISHED
TCP 192.168.1.150:139 0.0.0.0:0 LISTENING
TCP 192.168.1.150:4153 xxx.xxx.193.131:119 ESTABLISHED
TCP 192.168.1.150:4156 xxx.xxx.233.145:5050 ESTABLISHED
TCP 192.168.1.150:4170 xxx.xxx.107.81:1863 ESTABLISHED
TCP 192.168.1.150:4949 xxx.xxx.207.191:80 CLOSE_WAIT
TCP 192.168.1.150:4950 xxx.xxx.223.191:80 CLOSE_WAIT
TCP 192.168.1.150:4951 xxx.xxx.139.166:80 CLOSE_WAIT
TCP 192.168.1.150:4952 xxx.xxx.139.166:80 CLOSE_WAIT
TCP 192.168.1.150:4953 xxx.xxx.255.103:80 CLOSE_WAIT
UDP 0.0.0.0:445 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:1048 *:*
UDP 0.0.0.0:1050 *:*
UDP 0.0.0.0:1166 *:*
UDP 0.0.0.0:1178 *:*
UDP 0.0.0.0:1802 *:*
UDP 0.0.0.0:1803 *:*
UDP 0.0.0.0:1804 *:*
UDP 0.0.0.0:1805 *:*
UDP 0.0.0.0:1806 *:*
UDP 0.0.0.0:3456 *:*
UDP 0.0.0.0:4500 *:*
UDP 0.0.0.0:5051 *:*
UDP 127.0.0.1:123 *:*
UDP 127.0.0.1:1900 *:*
UDP 127.0.0.1:2089 *:*
UDP 127.0.0.1:2111 *:*
UDP 127.0.0.1:3459 *:*
UDP 192.168.1.150:9 *:*
UDP 192.168.1.150:123 *:*
UDP 192.168.1.150:137 *:*
UDP 192.168.1.150:138 *:*
UDP 192.168.1.150:1900 *:*
UDP 192.168.1.150:4160 *:*
UDP 192.168.1.150:4161 *:*
UDP 192.168.1.150:4163 *:*
UDP 192.168.1.150:4164 *:*
UDP 192.168.1.150:8163 *:*
UDP 192.168.1.150:39358 *:*
The sixth one down from the top looks like it is working properly.
Let me know what you think .
Message Edited by Joker_69 on 05-14-2008 12:01 AM -
How do you set up Port Forwarding for ARD 2.2 in AEB N?
Help,
I'm a novice at Apple Remote Desktop (ARD) - not an IT guy, so it has to be pretty basic and detailed.
How do you set up Port Forwarding for ARD 2.2 on the Apple Airport Extreme BS router, 802.11 N. I have one at each end of the internet connection. At one end I have an Airport Extreme N router with 2 macs and eventually 1 windows XP machine (if I can) that I would like to be able to connect to over the interenet (the clients) and at the other end, I have a Mac with ARD 2.2 installed also with an Airport Extreme N router. Note: Both routers use Static IP addresses and all computers use static IP's internally not through DHCP. What are the settings or directions to do this.
I have read and printed out the directions for Configuration of ARD 3.0 that are posted many times in the ARD discusion group, but it uses a Linksys router ( http://www.starkpr.com/ard.htm posted by Dave Sawyer). The Mac router is different, particularly with the place to set a Private IP address. I'm not sure about alot of things, but especially about the Private IP address, what number do I set it to, the one that is in my Network connections list? It automatically changes to a different number in AE N setup for Port Forwarding (by one) as if it is not suppose to the same?????
Are there any directions available that are as straight forward for the Airport Extreme N router, as the one's that are listed here for the Linksys Router's? ( http://www.starkpr.com/ard.htm )
Any and All help will be greatly appreciated.
P.S. I know I should have 3.0 but bought 2.2 just weeks before 3.0 came out and they would not give me an upgrade price, so I'm waiting for 4.0 to upgrade.
Thanks,
JimTry the following for each AirPort Extreme ...
AEBSn - Port Mapping Setup
To setup port mapping on an 802.11n AirPort Extreme Base Station (AEBSn), either connect to the AEBSn's wireless network or temporarily connect directly, using an Ethernet cable, to one of the LAN port of the AEBSn, and then use the AirPort Utility, in Manual Setup, to make these settings:
1. Reserve a DHCP-provided IP address for the host device.
Internet > DHCP tab
o On the DHCP tab, click the "+" (Add) button to enter DHCP Reservations.
o Description: <enter the desired description of the host device>
o Reserve address by: MAC Address
o Click Continue.
o MAC Address: <enter the MAC (what Apple calls Ethernet ID if you are using wired or AirPort ID if wireless) hardware address of the host computer>
o IPv4 Address: <enter the desired IP address>
o Click Done.
2. Setup Port Mapping on the AEBSn.
Advanced > Port Mapping tab
o Click the "+" (Add) button
o Service: <choose the appropriate service from the Service pop-up menu>
o Public UDP Port(s): 3283
o Public TCP Port(s): 3283
o Private IP Address: <enter the IP address of the host server>
o Private UDP Port(s): 3283
o Private TCP Port(s): 3283
o Click "Continue"
o Click the "+" (Add) button
o Service: <choose the appropriate service from the Service pop-up menu>
o Public UDP Port(s):
o Public TCP Port(s): 5900
o Private IP Address: <enter the IP address of the host server>
o Private UDP Port(s):
o Private TCP Port(s): 5900
o Click "Continue"
o Click the "+" (Add) button
o Service: <choose the appropriate service from the Service pop-up menu>
o Public UDP Port(s):
o Public TCP Port(s): 5988
o Private IP Address: <enter the IP address of the host server>
o Private UDP Port(s):
o Private TCP Port(s): 5988
o Click "Continue"
(ref: "Well Known" TCP and UDP ports used by Apple software products) -
SRP547W, How to use multiple WAN IPs for port forwarding?
Hi folks,
We've run into some difficulty trying to take advantage of multiple WAN IPs in conjunction with the SRP547, and I'm hoping someone here can help out or at least tell us that we're going to need to buy a different router...
What we're trying to acheive is the ability to port forward from our distinct public IPs to different internal servers. Looking at the options under Port Forwarding it looks like we can only configure forwards at the "WAN interface" level, but our problem is that we can't work out how to set up separate interfaces for each of our Public IPs...
Our ISP provides us with a fully managed NTU/router with a single "Internet" ethernet port, which we can use by statically configuring IPs on our end. For this configuration this port has been directly patched to the WAN ethernet port on the SRP547W.
We have been allocated a 255.255.255.248 (/29) subnet, giving us 5 usable IPs after the ISP's gateway address is taken into account, like so:
a.b.c.208 Network Address (/29 subnet)
a.b.c.209 ISP Gateway
a.b.c.210 IP1
a.b.c.211 IP2
a.b.c.212 IP3
a.b.c.213 IP4
a.b.c.214 IP5
a.b.c.215 Broadcast Address
On the SRP we've set up the default "Ethernet WAN2" sub-interface with the following details for IP1
VLAN ID: 4088 (Uneditable)
Connection Type: Static IP
Internet IP Address: a.b.c.210
Subnet Mask: 255.255.255.248
Default Gateway: a.b.c.209
The next step (I would have thought) would be to add a second sub-interface, using similar info for IP2
VLAN ID: 4000 (Chosen arbitrarily)
Connection Type: Static IP
Internet IP Address: a.b.c.211
Subnet Mask: 255.255.255.248
Default Gateway: a.b.c.209
When we try to do so however we get:
Fail!
Conflict with Ether_WAN2 interface address type
I should mention at this point that we're running on firmware version 1.02.01 (023).
Any suggestions on how we can proceed?
Is there a CLI or other method of configuration that might work if the web interface won't?
Thanks,
Tim.OK, I've seen reference to this solution before but not much in the way of details. Perhaps you can spell out how this ought to work, as the Software DMZ doesn't behave as I'd expected it to.
As before, on the SRP we've set up the default "Ethernet WAN2" sub-interface with the details for IP1 with a /29 subnet.
VLAN ID: 4088 (Uneditable)
Connection Type: Static IP
Internet IP Address: a.b.c.210
Subnet Mask: 255.255.255.248
Default Gateway: a.b.c.209
We'd now like to expose a server function on IP2, let's say LAN details for this server are:
VLAN: 3000
VLAN IP Range: 192.168.1.1/24
Server IP: 192.168.1.10
Server Port: 80
So first we turn on Software DMZ:
Status: Enabled
Public IP: a.b.c.211
Private IP: 192.168.1.10
WAN Interface: Ether_WAN2
My understanding, based on what you've said, is that this should expose the whole server to external access via IP2. Unfortunately, it doesn't seem to work this way - we don't seem to have any access at all. Perhaps there's a default deny rule on the firewall?
Just to be sure, I tried creating a rule to allow HTTP traffic to the server in the Advanced Firewall page.
In Interface (WAN): All
Out Interface (LAN): VLAN.3000
Source IP: 0.0.0.0
Source Subnet: 0.0.0.0
Destination IP: 192.168.1.10
Destination Subnet: 255.255.255.255
Protocol: TCP
Source Port: Any
Destination Port: Single:80
Action: Permit
Schedule: Everyday
Times: 24 Hours
Still no dice. What am I missing?
Cheers,
Tim. -
How to IPsec site to site vpn port forwarding to remote site?
Hi All,
The scenario where a Site to Site VPN tunnel has been established between Site A and Site B. Lan on Site A can ping Lan on Site B. My problem is a Printer behind Site B needs to be accessed by using the WAN IP address of Site A. Also i could not ping the remote lan or printer from the router.
Below are my configure on the Cisco 877 in site A. Would you please advise the solution for that?
Building configuration...
Current configuration : 5425 bytes
! Last configuration change at 15:09:21 PCTime Fri Jun 15 2012 by admin01
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Laverton
boot-start-marker
boot-end-marker
logging message-counter syslog
no logging buffered
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
clock timezone PCTime 10
crypto pki trustpoint TP-self-signed-1119949081
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1119949081
revocation-check none
rsakeypair TP-self-signed-1119949081
crypto pki certificate chain TP-self-signed-1119949081
certificate self-signed 01
XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
69666963 6174652D 31313139 39343930 3831301E 170D3132 30363135 30343032
30385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 31313939
quit
dot11 syslog
ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.50
ip dhcp pool DHCP_LAN
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 61.9.134.49
lease infinite
ip cef
no ipv6 cef
multilink bundle-name authenticated
object-group network VPN
description ---Port Forward to vpn Turnnel---
host 192.168.2.99
username admin01 privilege 15 secret 5 $1$6pJE$ngWtGp051xpSXLAizsX6B.
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key mypasswordkey address 0.0.0.0 0.0.0.0
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map SDM_DYNMAP_1 1
set transform-set ESP-3DES-SHA
match address 100
crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1
archive
log config
hidekeys
no ip ftp passive
interface ATM0
description ---Telstra ADSL---
no ip address
no atm ilmi-keepalive
pvc 8/35
tx-ring-limit 3
encapsulation aal5snap
protocol ppp dialer
dialer pool-member 1
dsl operating-mode auto
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
switchport access vlan 10
shutdown
interface FastEthernet3
interface Vlan1
description ---Ethernet LAN---
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1420
interface Vlan10
ip dhcp relay information trusted
ip dhcp relay information check-reply none
no ip dhcp client request tftp-server-address
no ip dhcp client request netbios-nameserver
no ip dhcp client request vendor-specific
no ip dhcp client request static-route
ip address dhcp
ip nat outside
ip virtual-reassembly
interface Dialer0
description ---ADSL Detail---
ip address negotiated
ip mtu 1460
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1420
dialer pool 1
dialer-group 1
ppp chap hostname [email protected]
ppp chap password 0 mypassword
crypto map SDM_CMAP_1
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source static tcp 192.168.2.99 80 interface Dialer0 8000
ip nat inside source static tcp 192.168.2.99 9100 interface Dialer0 9100
ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload
ip nat inside source route-map SDM_RMAP_2 interface Dialer0 overload
ip access-list extended NAT
remark CCP_ACL Category=16
remark IPSec Rule
deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
permit ip 192.168.1.0 0.0.0.255 any
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 remark CCP_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 101 remark CCP_ACL Category=2
access-list 101 remark IPSec Rule
access-list 101 deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 101 permit ip 192.168.2.0 0.0.0.255 any
route-map SDM_RMAP_1 permit 1
match ip address NAT
route-map SDM_RMAP_2 permit 1
match ip address 101
control-plane
line con 0
no modem enable
line aux 0
line vty 0 4
transport input telnet ssh
scheduler max-task-time 5000
end
Your help would be very appreciated!
PS: I know it is easier if i config Site A as the VPN server but in out scenario, we need to access printer from internet over static WAN IP of site A.
Thanks,
ThaiIs there anyone can help please?
-
Port forwarding but can only connect to wifi in Bridge Mode
Hi
Our ISP is TalkTalk and we use their Fibre service which connects through a BT Open Reach Modem. The TalkTalk router seemed to causing drop outs in wifi on my macbook pro so I bought an Airport Time Capsule for the wifi router and to back up my mac.
We aren't issued with PPPoE details and the advice from the TalkTalk community was to connect with the Router in Bridge Mode. This has worked a treat with the various Apple and non Apple items we have in out house except one.
We have security cameras which we control through a Windows laptop and can view one out phones. To make this happen we have to set up port forwarding. However, we can't do this as it's in Bridge Mode (as far as I understand).
I'm afraid my knowledge of these things is very basic so I'm hoping that someone will have an easy answer to this. Anyone got any advice on how I can make this pretty white box do its stuff please?
Thanks in advance!No idea what a double NAT is but you clearly do so here goes...
traceroute 8.8.8.8 on the mac gives as follows:
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets
1 192.168.1.1 (192.168.1.1) 6.246 ms 2.840 ms 2.875 ms
2 89-168-80-1.dynamic.dsl.as9105.com (89.168.80.1) 14.513 ms 14.967 ms 20.831 ms
3 host-78-151-225-23.static.as13285.net (78.151.225.23) 19.752 ms 20.399 ms 28.106 ms
4 host-78-151-229-12.as13285.net (78.151.229.12) 19.760 ms
host-78-151-225-140.static.as13285.net (78.151.225.140) 18.391 ms
host-78-151-225-136.static.as13285.net (78.151.225.136) 18.467 ms
5 host-78-144-8-11.as13285.net (78.144.8.11) 29.582 ms
host-78-144-8-53.as13285.net (78.144.8.53) 31.276 ms
host-78-144-8-5.as13285.net (78.144.8.5) 27.278 ms
6 72.14.214.222 (72.14.214.222) 37.593 ms 25.132 ms
72.14.242.127 (72.14.242.127) 30.195 ms
7 209.85.252.188 (209.85.252.188) 27.070 ms
209.85.252.186 (209.85.252.186) 77.680 ms
209.85.252.188 (209.85.252.188) 24.477 ms
8 209.85.253.90 (209.85.253.90) 24.506 ms
209.85.253.196 (209.85.253.196) 29.255 ms
209.85.253.90 (209.85.253.90) 26.403 ms
9 66.249.95.173 (66.249.95.173) 41.521 ms
72.14.232.134 (72.14.232.134) 35.473 ms 30.789 ms
10 209.85.251.231 (209.85.251.231) 30.069 ms
216.239.49.45 (216.239.49.45) 31.578 ms
209.85.252.83 (209.85.252.83) 31.383 ms
11 * * *
12 google-public-dns-a.google.com (8.8.8.8) 38.442 ms 30.063 ms 30.282 ms
traceroute 8.8.8.8 on the mac plugged into the HG533 gives as follows:
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets
1 192.168.1.1 (192.168.1.1) 0.999 ms 0.679 ms 0.668 ms
2 89-168-80-1.dynamic.dsl.as9105.com (89.168.80.1) 13.577 ms 12.817 ms 13.668 ms
3 host-78-151-225-23.static.as13285.net (78.151.225.23) 16.828 ms 15.490 ms 24.315 ms
4 host-78-151-225-140.static.as13285.net (78.151.225.140) 18.755 ms
host-78-151-225-30.static.as13285.net (78.151.225.30) 20.538 ms
78.151.229.0 (78.151.229.0) 19.488 ms
5 host-78-144-8-29.as13285.net (78.144.8.29) 23.690 ms
host-78-144-8-39.as13285.net (78.144.8.39) 26.756 ms
host-78-144-8-59.as13285.net (78.144.8.59) 23.145 ms
6 72.14.242.127 (72.14.242.127) 24.608 ms 26.403 ms
72.14.214.222 (72.14.214.222) 22.601 ms
7 209.85.255.78 (209.85.255.78) 26.205 ms 23.783 ms
209.85.252.186 (209.85.252.186) 25.291 ms
8 209.85.253.94 (209.85.253.94) 25.553 ms
209.85.253.196 (209.85.253.196) 58.607 ms 31.902 ms
9 66.249.95.173 (66.249.95.173) 49.369 ms
72.14.232.134 (72.14.232.134) 32.418 ms 32.654 ms
10 72.14.238.43 (72.14.238.43) 34.146 ms
209.85.252.83 (209.85.252.83) 34.292 ms
216.239.49.45 (216.239.49.45) 29.860 ms
11 * * *
12 google-public-dns-a.google.com (8.8.8.8) 36.619 ms 36.902 ms 29.731 ms
Hope this gives the result we're after -
Can anyone tell me how to port forward and setup an XBOX 360 using my Time Capsule??
Xbox 360
When playing the game online, the minimum speed of your network should be 128kbps. The ideal network speed for playing the game online is 768kbps. If you are having a problems with lag check the following:
Network Troubleshooting:
Disable any firewall or security features on your router.
Set port forwarding on your router to the IP address of your Xbox 360. This game uses port 3074 (UDP/TCP). Additionally Xbox LIVE requires ports 80, 53 TCP and 88, 53 UDP.
Place your Xbox 360 into the DMZ of your router.
Disconnect your router and try the game. If it works regularly at this point something about your router may not be completely compatible with the specific needs of this game. Check with your router manufacturer and Microsoft's Xbox Live Connection Issues page for additional steps that may need to be done to resolve the issue you are having. You can also verify that you have an Xbox Live compatible router.
If you are having issues connecting while multiple Xbox 360 consoles are connected on the same network, try forwarding port 3074 (UDP/TCP) for one Xbox 360 and setting the other as DMZ. There is a chance that this may not resolve you issue, if it doesn’t then you may want to consider getting an additional public IP address by contacting your Internet Service Provider and assigning it to one of these two consoles.
NOTE: If setting port forwarding or DMZ helps your connection issue, you may want to assign your Xbox 360 a static IP address within your home network. This can help to ensure that the configurations you made do not need to be done again. You can visit PortForward's Static IP Guide for a detailed guide on how to do this.
NOTE: Many broadband internet modems are coming with routing capabilities built in. Please contact your internet service provider to determine if your internet modem has an integrated router. If it does, they should be able to assist you with the steps above for setting up your router.
Once you have verified that your network setup is not the cause of the issue, try the following:
Try connecting to a different server. Some servers may have other players connected to them that you do not have an optimal connection with. In most games this is accomplished by backing out to the main menu and then selecting multiplayer again. From there you can try connecting to another online game.
Run the Xbox Network Self Test to see how strong your NAT is currently set to. Once the test is completed you will be notified if there is an issue with your connection. If you select "More Info" you will be given information about your NAT type and some steps to resolve any issues with your connection.
Moderate and Strict NAT types may have issues connecting to online matches. You may get the error "Notice - The game session is no longer available." If you do then enabling UPnP, forwarding port 3074, or placing your Xbox in your router's DMZ may resolve this issue. Please consult your router documentation for instructions on how to do this.ouman88 wrote:
Whoa....this just went way over my head.... I already have 6.1 installed for my Airport Utility.
Read again what I wrote.. 6.1 is the problem.. or part of it.
You need to install the earlier 5.6 version which I have given you explicit instructions to do.
I have done something now and can not connect the XBOX at all now....unless you can provide me step by step directions I may have to call Apple Support.
This will happen over and over.. just press reset and start again.. you need to learn how to do the setup and using 5.6 utility will help you.. as will using ethernet from the computer to the TC.. trying to fix things over wireless is like sitting on a tree branch you are sawing off. As soon as you update you will fall to the ground.
I am not that sure that Apple Support will have any idea.
Do a google search .. you will find most people struggle with this.. Microsoft made the xbox to use upnp with vista specs.. if you use a router without upnp, ie any apple router.. you will have issues.
Have a go at bypassing the problem.. I have no idea if this will work.. I do not use a TC as the main router because much of my network including xbox and ps3 is just a pain.. I use a modem router with upnp. And bridge the TC.. that is the setup I would recommend.
Try this.. once you have installed 5.6 utility.
Get the IP of the XBox and click enable default host.. and put the IP address in there.. this is called DMZ.. all unassigned packets are forwarded to this ip address.. it is like a port forwarding for all ports.
See if it helps.. If it does you will need to lock the xbox address so it doesn't change.. we can get to that.
Tell me what kind of broadband you have and what modem router first.. none of this will work if you have double NAT. -
BT Home Hub 3 + Back To My Mac / Port Forwarding
I've recently got BT Infinity and along with it a BT Home Hub 3 which doesn't seem to be playing nicely with Back to my Mac.
The setup on the Mac side of things is correct and I can see my remote computer but I just can't connect to them, or vice versa. The Back to My Mac preference is showing that the router needs configuring for better performance.
I've ensured UPnP is enabled and forwarded the following ports to the device:
TCP 5354
UDP 4500
UDP 5353
UDP 500
UDP/TCP 4488
Which I found listed in http://support.apple.com/kb/TS1629
After doing some checks on these ports using http://canyouseeme.org it would seem that only one of these ports is open, and even then it's occassional.
BT seem to state on http://bt.custhelp.com/app/answers/detail/a_id/12529/~/why-do-i-get-an-error-message-when-using-appl... that 'Back to My Mac' isn't compatible and this is due to a compatibility issue on Apple's part. Frustratingly this article doesn't indicate a date when this was posted. Never the less, I would presume this could only be UPnP related — i.e. the necessary ports won't open automatically. I'm unsure of what other compatibility issues there would be. If the ports are open it should work fine.
I've read numerous threads in many forums about the BT Home Hub 3 port forwarding not working correctly, is this still true? If so, surely the device should be deemed faulty or a firmware update should have been put in place by now to resolve this. I can't seem to find any recent articles regarding this.
Thanks in advance for any help!
Solved!
Go to Solution.Hi ollie,
If you're still having problems with this please feel free to contact us via the webform link in my profile and we'll check to see what the current status of the investigations with Back to my Mac is.
Cheers
Dean
BTCare Community Mod
If you like a post, or want to say thanks for a helpful answer, please click on the Ratings star on the left-hand side of the post.
If someone answers your question correctly please let other members know by clicking on ’Mark as Accepted Solution’. -
Home Hub 3 Port Forwarding Issue - Question to BT
Question to BT
Hello i have recently joined BT Infinity and have hit the issue of the Port Forwarding not working. My HH3 is on the following version of software. Will this version automatically upgrade to the latest version of firmware and will this fix my port forwarding issue?
As i work in IT (Cisco Network Eng) i need to be able to access several devices/services at home and this is a real pain for me. If you think that this could drag on as some posts have indicated could you please let me know and i will either get a draytek or throw in a cisco 1841.
Thank you
Dean.
Current firmware:
V100R001C01B031SP09_L_B
Last updated:
Unknownrequiem wrote:
Question to BT
Hello i have recently joined BT Infinity and have hit the issue of the Port Forwarding not working. My HH3 is on the following version of software. Will this version automatically upgrade to the latest version of firmware and will this fix my port forwarding issue?.........
Thank you
Dean.
Current firmware:
V100R001C01B031SP09_L_B
Last updated:
Unknown
Hi Dean
By the look of it you've got the type B version of the HH3 with current firmware.
From http://bt.custhelp.com/app/answers/detail/a_id/13073
The latest versions of the firmware are:
BT Home Hub 3 – Software version 4.7.5.1.83.8.57.1.3 (Type A) or V100R001C01B031SP09_L_B
Please Click On any Text in Blue as that automatically links to information.
PC (NDEGR) -
I've got a NAS setup with various services running on custom ports to help minimize exposure (especially to script kiddies). I've tested everything both internally and externally to confirm they all work, and even had someone at a remote location confirm accessibility as well. Port forward configurations performed on the Actiontec are working well.
I installed an L2TP/IPSec VPN server, tested internally and it connected successfully. So for all intents & purposes, this validates that the VPN server is correctly configured to accept inbound connections and functioning correctly.
I logged into the Verizon Actiontec MI424WR router, setup port forwarding for UDP ports 500, 1701 & 4500.
Note: I added the AH & ESP protocols based on what I saw on the built-in L2TP/IPSec rules
With the port forwarding in place, I tested VPN externally but it didn't connect.
I've done the following so far to no avail:
Double & triple checked the port forwards, deleted & recreated the rules a few times to be sure
There are no other pre-existing L2RP/IPSec port forward rules or otherwise conflicting port forward rules (e.g.: another rule for ports 500, 1701 or 4500)
There was an L2TP port triggering rule enabled, that I toggled on and off with no change
Verified the firewall on VPN server had an exclusion for L2TP, or that the firewall is off. (Firewall is off to reduce a layer of complexity, but it worked internally to begin with so I doubt that's the issue.)
Since it works internally, and there are no entries in the logs on the device indicating inbound connections, I'm convinced its an issue with the Verizon Actiontec router. But unfortunately, I'm not sure what else to try or where else to look to troubleshoot this. For instance, is there a log on the router that I can view in real time (e.g.: tail) that would show me whether or not the inbound connection attempt is reaching the device, and whether or not the device allowed or blocked it?
My router details:
Verizon Actiontec
MI424WR-GEN2
Revision E
Firmware 20.21.0.2
Verizon Actiontec built-in L2TP/IPSec rule templates. They're not currently in use, but are baked into the firmware for easy configuration/selection from a drop down menu.
Solved!
Go to Solution.normally a vpn on that router, will have a GRE tunneling protocol as well.
two ways to build the PF rules,
Manually
Preconfigured
I know the preconfigured VPN rules will do the GRE protocol as well, but if you do it by hand you can't get it. -
Not enough port fields in port forwarding for Linksys E4200
I have always used netgear routers in the past. After a series of issues regarding configurations not working correctly I invested in what appeared to be a semi pro router, the cisco linksys e4200.
I have a centralized server which I use to access a mass of different services such as mail, dns, VPN, FTP, Kerberos, http and many more. While I am not a massive networking nerd, this server setup is like my garage project. To access these services externally to my LAN as far as I understand I would need to configure port forwarding for each service to my server. Unfortunately the control panel for the linksys E4200 only offers about 15 custom port fields for forwarding, and some documentation I have read shows that with it's basic install my server could be using up to 60 ports at once.
Is this router just not suitable for this sort of network. If so I will be very disappointed because I have spent a quarter of the price on netgear routers with more control than this.
If anybody could assist with details and options I would greatly appreciate itWrong forum, use "small business routers".
-
Port Forwarding to Mac Pro with 2 different internet connections
I have my Mac Pro connected to the back of my cable modem. I have given this service the name "Cable" in my network preferences. The details are:
IP: xxx.xxx.xxx.100
Subnet: 255.255.248.0
Router: xxx.xxx.xxx.1
I have the other Ethernet port of my Mac Pro connected to the back of my Airport Extreme which runs ADSL+ from another ISP. I have called this service "ADSL". The details for this connection are:
IP: xxx.xxx.xxx.188
Subnet: 255.255.255.0
I run a calibre server on the Mac Pro and on my PC (the PC is directly plugged into the back of the Airport Extreme). I have a Dyndns service that works on the address of the Airport Extreme base station.
I can access the PC's calibre server via the mobile network but NOT the Mac's. Even though I have port forwarding to the Mac's reserved IP address of 188, I can't access the server. I can access it on my iphone/ipad via WIFI but not from the mobile network.
If in my Network preferences I change the order of the services i.e. make the ADSL the top service and cable the second, I CAN access the server from the mobile network. It works as it should. If I change the order so that the Cable service is on top, I can't access the server again.
Why does this happen? Can I fix this? Do I need to set up another Dyndns service on my Mac Pro?
Any help would be greatly appreciated. I am going to post this as a new post as well because I'm not sure whether the people that were so helpful last time will know that I have updated the post.Just installed TeamViewer and we're using that. Works great.
-
Help setting up port forwarding for Ekiga
Hi
I am trying to set up Ekiga on my Arch X86_64 box but I can't get port forwarding to work on the Thomson TG585v7 wireless router, which I am sharing with a neighbor. I have tried some how-to's I found via Google and set up Application/Game Sharing for the ports Ekiga uses. I also set up static IP connection as it seems to be needed by the router for port forwarding to work but Ekiga still reports that it cannot set up my network connection and asks me to set up port forwading manually, which I have already done.
I would very much appreciate any help to get Ekiga going for me.
My thanks in advance.graysky wrote:No idea for you specific hardware but should be pretty trivial. http://wiki.ekiga.org/index.php/Enable_ … g_manually
Thanks, but the problem is that setting up the router doesn't seem to work. I checked and repeated the set up a few times but no result. I feel I am missing a little detail somewhere but can't put my finger on it :-( -
WRT610N Port Forwarding Issues
Hello I am attempting to port forward the WRT610n however I am currently having no luck at all, here are the details of how the network is set up
It is a WRT610N model ver2.0 router with a Siemens Speedstream 4201 router (connected by full bridge mode via ethernet)
DHCP reservation is on (with the computer reserved to an IP I want to port forward to)
I have tried using DMZ as well as Port Range Forwarding, disabling/enabling UPNP, turning off home network defender, using QoS in various ways, SPI firewall being disabled/enabled, Filter Anonymous Internet Requests disabled
Is there anything else I can try (I am able to provide more details if necessary)
The error I am actually getting is "error: connection refused"Both Internet IP address (under status page and What Is My IP are the same)
Since I am running linux, I will post my ifconfig
Link encap:Ethernet HWaddr 00:0F:EA:8CC:AB
inet addr:192.168.1.103 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: 2002:7c95:3a2f:0:20f:eaff:fe8c:dcab/64 Scope:Global
inet6 addr: fe80::20f:eaff:fe8c:dcab/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4033 errors:0 dropped:0 overruns:0 frame:0
TX packets:4087 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2509974 (2.3 Mb) TX bytes:578431 (564.8 Kb)
Interrupt:21
Here is my netstat -an
http://pastebin.com/exte64rq
Here are the settings for my port range forwarding (I tried the same for single port forward)
49164-49164 Protocol (BOTH) 192.168.1.103 for IP destination (and its obviously enabled)
I test the forwarding of ports using various websites (http://www.canyouseeme.org/, http://www.utorrent.com/testport?port=49164) -
BT HomeHub 5 Port forwarding to 2 PCs
I have two PCs set up with TightVNC server and can access them both perfectly. One is on <ipaddress>:ort 5900 and the other on <ipaddress>prt 5901. I have also set up port forwarding so I can access one PC via the internet using no-ip to handle the ddns. To set this up I selected the application VNC and linked it to the PC. This works well and remote TightVNC client can log into the TightVNC server on that PC. The problem is that I have two PCs running TightVNCserver and I need to remotely log into either or both simultaneously but I cannot set up another port forwarding entry as VNC is in use and removed from the list of applications.
Is there any way to set up port forwarding to two PCs with different port numbers?
Thanks
Richard
Solved!
Go to Solution.Without getting my HH out of the cupboard to check, is there not an 'other' application that you can assign the port to? Surely the name is just a label it doesn't have to be called VNC.
Edit: Found this http://bt.custhelp.com/app/answers/detail/a_id/46548/~/how-to-set-up-game-and-application-sharing%2F... click 'no' at step 3 of the second set of instructions.
Maybe you are looking for
-
I have set up some new task statuses and set up the transitions. However, after settiing the task status to one of the new ones, when i try and save the change, i get the message 'For closing task, assignment should have Cancelled, Closed, Completed
-
JPanel doesn't show new text after JLabel edit
Hello, I am trying to create a custom progress bar-esk window to show users during lengthy methods. I have a new Thread which creates and displays a new ProgressWindow object (a JFrame with a JPanel and JLabel attatched). At second intervals the text
-
I want to print duplex to a 4x6 inch postcard. The printer is set with a duplex queue. No postscript printing only PCL printing. We are on Reports 6i running against the 9i db. The data will come from one record. Fields 1,2,3 go to front side for the
-
Email Account Setup - Provider Identity Not Verifiable
Hi, today I completed a hardware upgrade at Rogers from BB Bold 9000 to BB Q10. I successfully setup my Hotmail account. However, in trying to add another account (POP3) it does not complete and displays "Provider Identity Not Verifiable"??? Rogers
-
Dbassist still doesn't work after Suse patch
I have followed the instructions to a tee on the Suse website on how to install 8.1.7 on Suse 7.1. I manage to install 8.1.7 EE fine, run the glibc-2.1.3-stubs.tar.gz patch, but cannot run dbassist. I either get the traditional SIGSEV error, or (afte