RV180W not port forwarding

Similar Messages

• RV180W loses port forwarding rules when switching WAN connections

  We have a backup WAN connection in our office, but we switch this connection manually on our RV180W when the primary goes down. Our normal connection is ADSL with PPPoE, and the backup is Cable with DHCP.
  However, we also have some port forwarding rules for our VoIP PBX (UDP port 5060) as well as SSH, and these rules seem to stop working completely when we switch our WAN connection to our cable connection. We can still surf the web from our workstations, but our incoming phone calls and SSH connections all cease to work completely. The problem does not persist after we've switched back to our normal ADSL connection.
  This behaviour is completely bizarre and suggests that there's some kind of bug in the Cisco RV180W.

  helm,
  I'm sorry, I wasn't clear which IP address renewal I am speaking about.
  I believe that the problem is caused when the router renews the WHS's local IP address (192.168...). My WAN IP address remains unchanged througout the tests I performed and the problems I experienced.
  The very act of changing the local clients' lease time in the router's configuration causes the forwarding to be lost immediately. (I am gusessing that when the lease time is changed, the router immediately renews the lease and begins a new countdown.)
  (In fact, I might go as far as to say it is a bug in the firmware, but I haven't done enough testing to nail it down.)

• Can not port forward on WRT54GS v6 "You cannot use the router IP"

  Hello, I'm trying to open a port number, but when I try to use my router's IP, the following message appears
   "You cannot use the router IP, network, or broadband address"
  [IMG]http://i45.tinypic.com/107qond.jpg[/IMG]
  My ADSL was working as a NAT behind a NAT connection, so I had to change my Local IP Address to 192.168.2.1.
  Router: WRT54GS v6 firmware 1.52.8 (latest)  -  Bellsouth router: Westell 6100
  Microsoft Windows [Version 6.1.7600]
  Ethernet adapter Local Area Connection:
     Connection-specific DNS Suffix  . : launchmodem.com
     Link-local IPv6 Address . . . . . : fe80::40a9:a76e:61b3:6435%11
     IPv4 Address. . . . . . . . . . . : 192.168.2.100
     Subnet Mask . . . . . . . . . . . : 255.255.255.0
     Default Gateway . . . . . . . . . : 192.168.2.1
  So, please help me, how can I open ports on my router? =[
  PS: I tried to use 192.168.2.100, and even though it lets me use it, it still seems not to open that port... my IP is dynamic.

  Generally: NAT behind NAT is a bad idea. There is usually no need for double NAT. Either configure the ADSL router as bridge and use the WRT for your internet connection or set up the WRT as simple access point behind the ADSL router.
  It's also unclear to me what is working or not. First I thought you can't set up forwarding at all because you get that error message. Then, in your PS you write you tried to use 192.168.2.100 and that seemed to be possible. The IP address to forward to must be the IP address of the computer to which you want to forward. Thus 192.168.2.100 is exactly the IP address you have to set up. Does this work or not?
  Also remember: with double NAT you must set up two forwardings: first on the ADSL router then on the WRT. Port forwarding is necessary to allow incoming traffic through NAT. All incoming traffic arrives on the ADSL router. Thus setting up port forwarding on the WRT only won't do a thing.
  It's also not recommend to use dynamic IPs for forwarding destinations. Dynamic IP addresses may change over time and that requires you to adjust forwardings accordingly. It's better to reserve fixed IP addresses (if your WRT supports this) or set a static IP address on the computer outside the DHCP address pool.

• RVS4000 not Port forwarding

  I have  a new RVS4000 router, which is hosing a seagate GoFlec Home drive.
  Origianally my WRT54G router worked fine.
  I cannot get the UPnP to work.
  I have UPnP enabled.
  I have my goFlex Home to automatically configure router for portforwarding, ports 21, 22,80, and 443, and 50000 and 50001.
  So, nothing. I cannot connect to my drives http://my.intricatephotography.com
  Leaving UPnP enabled, I manually portforward my ports to 192.168.1.121 ( the LAN ip of the GoFlex Hardrive.)
  Now all works well.
  I'm noting too, that the HipServ site says that ports are forwarded correctly, but it cannot configure the router for UPnP correctly.
  Any suggestions?
  My port forwarding seem to be a up-and down situation. My customers are geting angry.

  Hi Darrin,
  Intriguing post, I just had to comment, as the application looks interesting.
  I have absolutely no idea how seagate goFlex @ home setup software  loaded on a PC or MAC  can automatically  via uPnP enable port forwarding specific ports and destination IP on a RVS4000 router.
  But, you manually port forwarded  and "Now all works well" as you said in your posting.
  Once a port if forwarded, it should not be up or down. I can't imagine port forwarding not working well on the RVS4000
  But, please check the seagate knowlwdgwbase and Axenta forum to see if others are having trouble with uPnP
  The problem originates from a feature that hasn't been validated on a cisco router, there must be better documentation on how to get uPnP workign with the goFlex application.
  Also why not place a warranty call with the Disti partner you purchased the freeagent goFlex @ home.
  Also I welcome input from  anyone within the community who  has seen this issue with goFlex@home application.
  regards Dave

• WRT400n Not Port Forwarding Even With Correct Settings

  As the title of this post says I have the port forwarding settings correctly set for FTP (and other ports) but no luck. I'm not dumb, I know computers and routers. Even after hard reset, firmware upgrade and setup, still not working. Confirming with third party port scanner that ports not open even though they are setup, enabled and DMZ a few tries. Not firewall issue, worked fine with my previous tomato router setup. I should have never upgraded. Any suggestions other than buying a new router AGAIN?

  I would suggest you to upgrade/reflash the router's firmware and re-configure the router.
  You can download the firmware from linksys website.On the router setup page,Click on the Administration tab to upgrade the firmware.After upgrading the firmware...Press and hold the reset button for 30 seconds...Release the reset button...Unplug the power cable from your router, wait for 30 seconds and re-connect the power cable...Now re-configure your router...

• Time Capsule Does Not Port Forward FTP Ports

  Hey there,
  I recently purchased a Time Capsule, and I found out that while it fixes the NAT-PMP bug found in my previous AirPort Extreme Base Station (Gigabit-N), it introduces a new problem which makes it refuse to forward port 21 properly.
  It seems to me that the Time Capsule has some sort of FTP server built in, and is either enabled but closes connection on client connection, or disabled but still listens for client connection.
  This message is what I get when I connect to my IP via FTP from the WAN side (FTP port forwarded to a local machine with an IP 10.0.0.8):
  421 Service not available, remote server has closed connection.
  When it is accessed from the LAN of course, I can connect to 10.0.0.8 with no problem. However, what is interesting is if I connect to the Time Capsule via FTP I get this as well:
  421 Service not available, remote server has closed connection.
  Thus, I am 100% certain that the FTP message I see when I connect from WAN is from the Time Capsule instead of the machine I port forwarded to.
  Apple needs to fix this annoying problem and at the same time fixes some VPN issues I'm having with my Nortel VPN client (4.68). It was all working when I had the AirPort Extreme Base Station.

  I am having a problem establishing an FTP session that is started with my FTP Client (CuteFTP) on my local network and attempting to connect to an FTP Server with one of my hosting providers. My first few attempts used FTPS (Secure FTP) as that is what I typically use when transferring FTP packets over the net. Well, this didn't work so I thought maybe the Time Capsule had a problem inspecting the encrypted packets so I switched to standard clear-text FTP just to see if the Time Capsule handles FTP session management functions correctly. This didn't work either. I'm using PASV FTP and have never had a problem before with my CISCO Router or with another consumer-based NAT router. I don't believe that the Server on the Internet gets the initial request on port 21 as I believe the Time Capsule is not allowing the packet to pass and my FTP Client spits back an error message : "Couldn't access FTP service " "Connection Failed". I have also used "Terminal" and initiated the ftp utility and attempted to connect to the same server and receive the following error message : "421 Service not available, remote server has closed connection.". I have attempted to put my computer in the DMZ by using the Default Host feature on the Time Capsule but that resulted in the same errors. I believe that I have tried most of the settings available on the Time Capsule to attempt to get this to work but no luck yet. If the packet is getting through to the server and the response back on the current ephemeral port is not getting through the Time Capsule I'm really hoping the solution is not having to port map all ephemeral ports as this is in the tens of thousands. Has anyone successfully established an FTP Session (Secure or Not) from your local client through the Time Capsule to a Server on the Internet. If so, could you help by providing any Time Capsule settings that were required for this to function properly....Thanks in Advance.
  Note: I have attempted to ftp to several different public ftp servers on the Internet and get the same error results. I have no problems ftping to local serverson my local network.

• WRT54GC - Orb app not port forwarding

  When trying to configure an app for port forwarding sometimes it will time out. In the App and Gaming section I will specify the app name, the start and end port number and finally enable it. When I click save settings it will just wait and wait and eventually time out. I got the same results w/ both IE7 and Firefox.
  Right now I'm trying to configure Orb by using the following specs
  orb1 80-80 enabled
  orb2 554-554 enabled
  orb3 13398-13401 enabled
  When I click Save Settings the browser will just wait and eventually time out. I finally got it to work by applying the settings one at a time. But when I got to the 3rd setting (orb3 13398-13401 enabled) the browser times out. No matter how many times I try won't apply.
  What am I doing wrong?

  Can you just leave the port 80 and put in the others? see if it accepts that...and you can try to upgrade your routers firmware...some firmwares previously had problems i think....
  "You tried your best and you failed miserably! "

• Xbox 360/one problem and port forwarding

  For a couple months now (since I got my AirPort Extreme) I have not been able to connect to a certain friend on xbox. I can connect to anybody else however. The only way we can (kind of) connect is if somebody else is host and we both connect to him.
  My NAT type is Moderate. When I try to test my connection on my xbox it says that I can connect but I am limited in matchmaking (this is joining games and using voice chat, which is the problem named above for my particular friend). The xbox shows the error and suggests that I enable UPnP or open the port 3074.
  The problem is that I have already have! I gave my xbox a static IP and forwarded the port 3074 to that IP.
  (I have also tried forwarding all the ports that xbox live uses to the xbox. These being:
  Port 88 (UDP)
  Port 3074 (UDP and TCP)
  Port 53 (UDP and TCP)
  Port 80 (TCP)
  as found on the xbox website...  https://support.xbox.com/en-US/xbox-360/networking/network-ports-used-xbox-live
  I made sure to put them in the right text boxes for UDP and TCP so that is not the problem either.)
  I know that the AirPort Extreme does not support UPnP but does have a similar thing called NAT Port Mapping Protocol which was already enabled. (I tried all possibilities of enabling/disabling NAT...Protocol and port forwarding/not port forwarding.)  ---  This is not the solution as I see it
  In short: My xbox tells me to open port 3074. I already have. It still tells me to open it and still won't work.
  I posted this on the apple discussion page (instead of the xbox discussion page) because I know that it's not an xbox problem. When I had my old linksys router it worked perfectly.

  I have this exact same question and problem.  I know this doesn't help, but would appreciate any updated information if you find an answer.  I'll keep working on this also and let you know if I find an anwer.

• Port Forwarding Twice?

  (Also posted in Airport discussions)
  I have previously used port forwarding via an AEn to access my Mac Pro while away. I have now installed a Mac mini Server and continue to use the Mac Pro as a client. Port forwarding now directs all incoming requests to the server for e-mail, file sharing, and web services, which I wish to continue. However, I'd also like to continue to access the other box, where I have telephony software installed requiring access to a phone jack (and the Mac mini is in a closet...). Is there a way to to access both the Mac mini Server and the Mac Pro? Thanks.
  C.

  Hi Charles
  Here's how I do it.
  First I do not "Port Forward" to my server. I use NAT which sends all default traffic to the server.
  I use Port Forwarding to route to other machines.
  The internal IP of my server is 10.0.1.253, and I believe that is the default NAT setting on a AE
  If you went to www.mydomain.com you would hit my Xserver's web services
  If you went to www.mydomain.com:81 you would be directed to the web services on my MacPro.
  In Port Mapping I used port 81 as the Public Port, the internal IP of my MacPro of 10.0.1.200, and of course use a private port of 80.
  As an example, for one machine I use Public Port 547 for AFP, 5901 for VNC, and 27 for FTP.
  Well known" TCP and UDP ports used by Apple software products

• SA 540 Can't get port forwarding to work.

  Now that the DMZ port doesn't seem to work, I have placed our Web and CRM server on a VLAN. I have created a firewall forwarding rule -> WAN to LAN HTTP allow always and pointed it to the internal IP address.
  When I type in our domain name in the browser I only get the Cisco remote management page, no forwarding to the web server.
  What am I doing wrong?
  I have tried to disable the remote management, but that still doesn't change anything. (btw, how do I change which port the RMON uses, it's grayed out in the setup page)
  SA 540 firmware 1.0.39

  No it does not work from outside my devise, I just get to the RMON page, no forwarding to my Web server at all. I've taken all FW rules away and just have the WAN to LAN allow HTTP "ip address of server" but still nothing.
  I got confirmation that the DMZ/Optional port does not work, I can't SSL from our Apple computers to our Network, and now it seems like we can't get our Web or e-mail servers working either if there is not port forwarding. On top of this, it now also seems like the SA 540 is blocking EDNS packets, slowing down our DNS server. Please tell me that there is something to be done, it can't be that Cisco have put a "Pro" devise out where only 9 out of 10 ports work and that you can not host Web, email or CRM servers because there is no port forwarding, not to mention it only supports IE browsers for SSL.
  I don't mean to sound cranky, but we have spend so much time trying to get this devise to work, please help. (I wish I could give you some logs, but logging doesn't seem to work either)

• How to port forward with AirPort Extreme

  I really just cant find an accurate description in the support community. Err, let me rephrase: I'm not tech-savvy enough to really comprehend all aspects of port forwarding within the AirPort utility.
  I am trying to set up a server for a game (Starbound) and I have been trying for hours to open 1 port. I believe it connects through TCP on port 20125.
  I cant seem to figure out which IP address the utility needs. The router's? Which IP address is the router's if so? How do I see that?
  I wish server was freeware so badly, I've watched videos and tried to replicate the results manually but I just absolutely can't get it. Would really appreciate support on this, as I've never encountered this problem configuring port forwarding in a browser-based scenario.
  Thanks all. All I really need is a walkthrough to open that ONE port.

  For reference the following AirPort User Tip will give you the basics for port forwarding.
  I cant seem to figure out which IP address the utility needs.
  What is required is the IP address of the host device that you want reached from the Internet. In this case it would be the server hosting the Starbound game.
  It is highly recommended that you configure your server with a static Private IP address. You can do this using the DHCP Reservation feature of the AirPort Utility. What this does is assign a dedicated address from the pool of addresses that are provided to local network clients. You will then use this address to populate the IP Address field for the port mapping. Note: Port Forwarding and Port Mapping are used interchangeably. Apple uses Port Mapping.
  To assign a DHCP Reservation:
  Start the AirPort Utility, select the AirPort Extreme, and then, select Edit.
  Select the Network tab.
  Click on the "+" button under the DHCP Reservations window.
  For "Description," enter Starbound or whatever you want to describe this port mapping.
  Reserve Address By: MAC Address
  MAC Address: (Note: This will be the hardware MAC address of the server's Ethernet or wireless interface.)
  IPv4 Address: [enter the desired IP Address that you want to assign the server. It should be from the available pool of DHCP addresses. By default this pool is: 10.0.1.2 thru 10.0.1.200. For example, you can use 10.0.1.100
  Select Save
  Using the reference provided earlier, use the AirPort Utility to define the port mapping that you require. (Note: You should still be on the Network tab.) I filled in the values for you. Note, however; that you may need to change the value for the IP Address field to the address that you set earlier in the DHCP Reservation.

• Port Forwarding for RDP 3389 is not working

  Hi,
  I am having trouble getting rdp (port 3389) to forward to my server (10.20.30.20).  I have made sure it is not an issue with the servers firewall, its just the cisco.  I highlighted in red to what i thought I need in my config to get this  to work.  I have removed the last 2 octets of the public IP info for security .Here is the configuration below:
  TAMSATR1#show run
  Building configuration...
  Current configuration : 11082 bytes
  version 15.2
  no service pad
  service timestamps debug datetime msec localtime show-timezone
  service timestamps log datetime msec localtime show-timezone
  service password-encryption
  hostname TAMSATR1
  boot-start-marker
  boot system flash:/c880data-universalk9-mz.152-1.T.bin
  boot-end-marker
  logging count
  logging buffered 16384
  enable secret
  aaa new-model
  aaa authentication login default local
  aaa authentication login ipsec-vpn local
  aaa authentication login ciscocp_vpn_xauth_ml_1 local
  aaa authorization console
  aaa authorization exec default local
  aaa authorization network groupauthor local
  aaa session-id common
  memory-size iomem 10
  clock timezone CST -6 0
  clock summer-time CDT recurring
  crypto pki token default removal timeout 0
  crypto pki trustpoint TP-self-signed-1879941380
  enrollment selfsigned
  subject-name cn=IOS-Self-Signed-Certificate-1879941380
  revocation-check none
  rsakeypair TP-self-signed-1879941380
  crypto pki certificate chain TP-self-signed-1879941380
  certificate self-signed 01
    3082024B 308201B4 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 31383739 39343133 3830301E 170D3131 30393136 31393035
    32305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 38373939
    34313338 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
    8100BD7E 754A0A89 33AFD729 7035E8E1 C29A6806 04A31923 5AE2D53E 9181F76C
    ED17D130 FC9B5767 6FD1F58B 87B3A96D FA74E919 8A87376A FF38A712 BD88DB31
    88042B9C CCA8F3A6 39DC2448 CD749FC7 08805AF6 D3CDFFCB 1FE8B9A5 5466B2A4
    E5DFA69E 636B83E4 3A2C02F9 D806A277 E6379EB8 76186B69 EA94D657 70E25B03
    542D0203 010001A3 73307130 0F060355 1D130101 FF040530 030101FF 301E0603
  ip dhcp excluded-address 10.20.30.1 10.20.30.99
  ip dhcp excluded-address 10.20.30.201 10.20.30.254
  ip dhcp excluded-address 10.20.30.250
  ip dhcp pool tamDHCPpool
  import all
  network 10.20.30.0 255.255.255.0
  default-router 10.20.30.1
  domain-name domain.com
  dns-server 10.20.30.20 8.8.8.8
  ip domain name domain.com
  ip name-server 10.20.30.20
  ip cef
  no ipv6 cef
  license udi pid CISCO881W-GN-A-K9 sn
  crypto vpn anyconnect flash:/webvpn/anyconnect-dart-win-2.5.3054-k9.pkg sequence 1
  ip tftp source-interface Vlan1
  class-map type inspect match-all CCP_SSLVPN
  match access-group name CCP_IP
  policy-map type inspect ccp-sslvpn-pol
  class type inspect CCP_SSLVPN
    pass
  zone security sslvpn-zone
  crypto isakmp policy 10
  encr aes 256
  authentication pre-share
  group 2
  crypto isakmp policy 20
  encr aes 192
  authentication pre-share
  group 2
  crypto isakmp key password
  crypto isakmp client configuration group ipsec-ra
  key password
  dns 10.20.30.20
  domain tamgmt.com
  pool sat-ipsec-vpn-pool
  netmask 255.255.255.0
  crypto ipsec transform-set ipsec-ra esp-aes esp-sha-hmac
  crypto ipsec transform-set TSET esp-aes esp-sha-hmac
  crypto ipsec profile VTI
  set security-association replay window-size 512
  set transform-set TSET
  crypto dynamic-map dynmap 10
  set transform-set ipsec-ra
  reverse-route
  crypto map clientmap client authentication list ipsec-vpn
  crypto map clientmap isakmp authorization list groupauthor
  crypto map clientmap client configuration address respond
  crypto map clientmap 10 ipsec-isakmp dynamic dynmap
  interface Loopback0
  ip address 10.20.250.1 255.255.255.252
  ip nat inside
  ip virtual-reassembly in
  interface Tunnel0
  description To AUS
  ip address 192.168.10.1 255.255.255.252
  load-interval 30
  tunnel source
  tunnel mode ipsec ipv4
  tunnel destination
  tunnel protection ipsec profile VTI
  interface FastEthernet0
  no ip address
  interface FastEthernet1
  no ip address
  interface FastEthernet2
  no ip address
  interface FastEthernet3
  no ip address
  interface FastEthernet4
  ip address 1.2.3.4
  ip access-group INTERNET_IN in
  ip access-group INTERNET_OUT out
  ip nat outside
  ip virtual-reassembly in
  no ip route-cache cef
  ip route-cache policy
  ip policy route-map IPSEC-RA-ROUTE-MAP
  duplex auto
  speed auto
  crypto map clientmap
  interface Virtual-Template1
  ip unnumbered Vlan1
  zone-member security sslvpn-zone
  interface wlan-ap0
  description Service module interface to manage the embedded AP
  ip unnumbered Vlan1
  arp timeout 0
  interface Wlan-GigabitEthernet0
  description Internal switch interface connecting to the embedded AP
  switchport mode trunk
  no ip address
  interface Vlan1
  description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
  ip address 10.20.30.1 255.255.255.0
  ip nat inside
  ip virtual-reassembly in
  ip tcp adjust-mss 1452
  ip local pool sat-ipsec-vpn-pool 10.20.30.209 10.20.30.239
  ip default-gateway 71.41.20.129
  ip forward-protocol nd
  ip http server
  ip http access-class 23
  ip http authentication local
  ip http secure-server
  ip http timeout-policy idle 60 life 86400 requests 10000
  ip dns server
  ip nat inside source list ACL-POLICY-NAT interface FastEthernet4 overload
  ip nat inside source static tcp 10.20.30.20 3389 interface FastEthernet4 3389
  ip nat inside source static 10.20.30.20 (public ip)
  ip route 0.0.0.0 0.0.0.0 public ip
  ip route 10.20.40.0 255.255.255.0 192.168.10.2 name AUS_LAN
  ip access-list extended ACL-POLICY-NAT
  deny   ip 10.0.0.0 0.255.255.255 10.20.30.208 0.0.0.15
  deny   ip 172.16.0.0 0.15.255.255 10.20.30.208 0.0.0.15
  deny   ip 192.168.0.0 0.0.255.255 10.20.30.208 0.0.0.15
  permit ip 10.20.30.0 0.0.0.255 any
  permit ip 10.20.31.208 0.0.0.15 any
  ip access-list extended CCP_IP
  remark CCP_ACL Category=128
  permit ip any any
  ip access-list extended INTERNET_IN
  permit icmp any any echo
  permit icmp any any echo-reply
  permit icmp any any unreachable
  permit icmp any any time-exceeded
  permit esp host 24.153. host 66.196
  permit udp host 24.153 host 71.41.eq isakmp
  permit tcp host 70.123. host 71.41 eq 22
  permit tcp host 72.177. host 71.41 eq 22
  permit tcp host 70.123. host 71.41. eq 22
  permit tcp any host 71..134 eq 443
  permit tcp host 70.123. host 71.41 eq 443
  permit tcp host 72.177. host 71.41. eq 443
  permit udp host 198.82. host 71.41 eq ntp
  permit udp any host 71.41. eq isakmp
  permit udp any host 71.41eq non500-isakmp
  permit tcp host 192.223. host 71.41. eq 4022
  permit tcp host 155.199. host 71.41 eq 4022
  permit tcp host 155.199. host 71.41. eq 4022
  permit udp host 192.223. host 71.41. eq 4022
  permit udp host 155.199. host 71.41. eq 4022
  permit udp host 155.199. host 71.41. eq 4022
  permit tcp any host 10.20.30.20 eq 3389
  evaluate INTERNET_REFLECTED
  deny   ip any any
  ip access-list extended INTERNET_OUT
  permit ip any any reflect INTERNET_REFLECTED timeout 300
  ip access-list extended IPSEC-RA-ROUTE-MAP
  deny   ip 10.20.30.208 0.0.0.15 10.0.0.0 0.255.255.255
  deny   ip 10.20.30.224 0.0.0.15 10.0.0.0 0.255.255.255
  deny   ip 10.20.30.208 0.0.0.15 172.16.0.0 0.15.255.255
  deny   ip 10.20.30.224 0.0.0.15 172.16.0.0 0.15.255.255
  deny   ip 10.20.30.208 0.0.0.15 192.168.0.0 0.0.255.255
  deny   ip 10.20.30.224 0.0.0.15 192.168.0.0 0.0.255.255
  permit ip 10.20.30.208 0.0.0.15 any
  deny   ip any any
  access-list 23 permit 70.123.
  access-list 23 permit 10.20.30.0 0.0.0.255
  access-list 24 permit 72.177.
  no cdp run
  route-map IPSEC-RA-ROUTE-MAP permit 10
  match ip address IPSEC-RA-ROUTE-MAP
  set ip next-hop 10.20.250.2
  banner motd ^C
  UNAUTHORIZED ACCESS TO THIS NETWORK DEVICE IS PROHIBITED.
  You must have explicit permission to access or configure this device.  All activities performed on this device are logged and violations of this policy may result in disciplinary and/or legal action.
  ^C
  line con 0
  logging synchronous
  line aux 0
  line 2
  no activation-character
  no exec
  transport preferred none
  transport input all
  line vty 0
  access-class 23 in
  privilege level 15
  logging synchronous
  transport input telnet ssh
  line vty 1 4
  access-class 23 in
  exec-timeout 5 0
  privilege level 15
  logging synchronous
  transport input telnet ssh
  scheduler max-task-time 5000
  ntp server 198.82.1.201
  webvpn gateway gateway_1
  ip address 71.41. port 443
  http-redirect port 80
  ssl encryption rc4-md5
  ssl trustpoint TP-self-signed-1879941380
  inservice
  webvpn context TAM-SSL-VPN
  title "title"
  logo file titleist_logo.jpg
  secondary-color white
  title-color #CCCC66
  text-color black
  login-message "RESTRICTED ACCESS"
  policy group policy_1
     functions svc-enabled
     svc address-pool "sat-ipsec-vpn-pool"
     svc default-domain "domain.com"
     svc keep-client-installed
     svc split dns "domain.com"
     svc split include 10.0.0.0 255.0.0.0
     svc split include 192.168.0.0 255.255.0.0
     svc split include 172.16.0.0 255.240.0.0
     svc dns-server primary 10.20.30.20
     svc dns-server secondary 66.196.216.10
  default-group-policy policy_1
  aaa authentication list ciscocp_vpn_xauth_ml_1
  gateway gateway_1
  ssl authenticate verify all
  inservice
  end

  Hi,
  I didnt see anything marked with red in the above? (Atleast when I was reading)
  I have not really had to deal with Routers at all since we all access control and NAT with firewalls.
  But to me it seems you have allowed the traffic to the actual IP address of the internal server rather than the public IP NAT IP address which in this case seems to be configured to use your FastEthernet4 interfaces public IP address.
  There also seems to be a Static NAT configured for the same internal host so I am wondering why the Static PAT (Port Forward) is used?
  - Jouni

• Port Forwarding for Minecraft - Port not recognized as open

  I am trying to set up Port Forwarding to host a Minecraft server on a local machine. I am able to connect to Minecraft from within the network, but when I try to use my external IP, it fails. I have port forwarding (supposedly) set up on my Airport Extreme base station, for TCP/UDP port 25565. When I check on canyouseeme.com , it says that the port is not open. Do I have some configuration wrong in Airport Utility? I'm pretty sure it's not something wrong with my Ubuntu box (the one hosting the server) because I am able to connect to it without any problem using it's Internal IP.
  Any help is greatly appreciated.

  I am having this same problem.  My AirPort Utility is v6.2.  I have followed a tutorial labeled for v6.  I cannot open my ports.
  I have a static IP address with the following:
  Router Mode: DHCP and NAT
  I increased the DHCP Range so it would include the static IP address I selected.
  DHCP Reservations
  Description: Minecraft
  Reserve Address By: MAC Address and entered my MAC address
  IPv4 Address: the static IP address that I created in System Preferences- Network
  Port Settings
  Description: Minecraft
  Public UDP Ports: 25565
  Public TCP Ports: 25565
  Private IP Address: same as above which is the same as the statis IP address
  Private UDP Ports: 25565
  Private TCP Ports: 25565
  I also checked with Comcast, my internet provider, to make sure they were not blocking port 25565.  The person on the chat said that that port was open.
  I have been using yougetsignal.com to check if my ports are open and so far nothing.
  Does anyone have any suggestions?

• Port forwarding is not working on SRP521W

  Hello,
  I have a problem with incoming traffic.
  I opend 3 ports as followed:
  I have olso anabbled de remote web menagement on port 888.
  From the outside i can access the remote management. but i cannot access my webserver on prot 80 or 443. I have checked with the isp provirder en these port or not blocked.
  Can anywane help,
  Thanks,

  Hi Danny, to my recollection there are not any bugs on the current releases for the SRP for forwarding.
  To affirm, you have went to Network Setup -> NAT -> Port forwarding
  Also, are you able to log in to the server locally with the LAN IP address using an internet browser for http and https?
  -Tom
  Please mark answered for helpful posts

• Port Forwarding on Home Hub 5 not working

  Hi,
  Is anybody else having problems getting ports to forward on their Home Hub or Home Hub 5?
  I am a new BT customer, less than a week infact and BT have been utterly hopeless in getting this resolved. All they do is send me instructions for port forwarding on a homehub which I do not need and tell me that i need to pay for their tech support to investigate it further which is freaking ridiculous considering port forwarding is an essential part of any router and this router is brand new, less than a week old. (Do BMW sell you a car and then refuse to take responsibility for a broken engine?)
  My other option is buying an ADSL 802.11ac router for £150 which out of principle, i dont think i should have to do. One of the reasons i came to BT in the first place was because the homehub is supposed to be one of the best free provider supplied routers around. 
  Please only reply to this if you know what you are talking about or have experienced this same issue yourselves. I reiterate that I have not missed any configuration steps on my part and this is a case of the homehub simply not working as it is designed.
  Scenario:
  I like to have remote desktop access to my home computer from external networks. I do not use 3rd party software such as 'log me in' or 'team viewer', I like to use Microsoft Remote desktop and had been doing so for years with my Sky broadband until last week.
  I have dynamic DNS running on my machine which updates my constantly changing external IP to the dns server so dont worry about that, thats all good.
  I have correctly set up the forwarding of TCP 3389 to the static I.P of my home desktop on the homehub (and rebooted and or factory reset several times)
  Result:
  Nothing. The homehub displays as though it has forwarded the ports yet i am still unable to remote in from an external network. The port shows as closed when i run a port scanner.
  The same goes for other ports I have tried to open. For example, my Xbox One.
  BT are sending me out a replacement Hub to try but I fear that this will have the same result as i have seen a few other people post with the same issues.
  If anybody has experienced and or resolved this, please let me know and i will be forever grateful
  Thank you

  When you do a major network revision always reset the TC to factory and start over.. it simply remembers too much of the last setup.
  Plug WAN TC into the HH5 and run through the airport utility again. The TC must go into bridge mode. It then should work fine, but I recommend particularly with Mavericks you use strict naming.
  Not apple names.. long, loose and loopy.
  Names that are short, 2-10 characters is plenty but make an upper limit of 20.
  No spaces..
  Pure alphanumeric.. no apostrophe or any other odd character.