Simple Port Forwarding Question

Similar Messages

• Simple Port Forwarding - SRW2016, SRW2024, SRW2048

  Does anyone have a guide for simple port forwarding on the SRW2016-48 series?
  Thanks

  What "ports" do you want to forward? What do you mean with "port forwarding"? Please explain what you want to do!

• Rv120w and simple port forwarding.

  Hi
  I just got a new rv120w and want to set it up, like my old router.
  I have a webserver that people around the world, should be able to visit, but I can't figure whats wrong.
  You can see my settings in port forwarding here.
  Can anyone help me out here ?
  Regards Steen

  Hi
  Thats a little strange :
  The access rule was created automatic.When I deleted it, the port forwarding also was deleted. I created the port forwarding again, the access rule came again (with the same settings as before) and now it is working from the internet.
  But not from the lan side.
  Hmmmm ?

• Newbie: simple port forwarding

  I want to add surveillance camera to my office. I have configured the ip webcam on the LAN and wanting to know how to configure the OS X server to point to the webcam. The server is the internet gateway.
  Thanks,
  Jon

  There's no GUI interface for setting up port forwarding when your Mac is the router/gateway.
  If possible I'd set this up at your router, where the router performs NAT for the network, rather than your Mac (almost by definition if your Mac is acting as the gateway then it has a public-facing interface, which I rarely recommend).
  In addition to that, the specifics on which port(s) to forward will depend on the camera. Some cameras implement a web-based interface, so you might need port 80. Others may use different ports (and even cameras that use a web interface may use a different port).
  One other consideration would be a tool such as Security Spy - it's software designed to interact and manage multiple cameras, including features like time lapse recording, motion detection, remote notifications, and more. If this were running on your gateway then you wouldn't need to deal with port forwarding to the camera directly.

• Port Forwarding Question for IP Camera with MI424WR-GEN3

  So just switched to fios from cable and trying to set up port forwarding on this new actiontec router so I can view my IP Camera from outside the house.
  The camera has a static IP address of 192.168.1.200  using port 8080 and I works fine if I type that IP address with the port into the browser inside the network.
  The IP Camera company requires you to port forward  port 80 (switched to 8080) 554 and 50000-60000.
  So I set up Portforwarding on the router like this:
  Networked Computer / Device
  192.168.1.200:8080
  Applications & Ports Forwarded
  IPCamera
  TCP 8080 -> 8080
  UDP 8080 -> 8080
  TCP 554 -> 554
  UDP 554 -> 554
  TCP 50000-60000 -> 50000-60000
  UDP 50000-60000 -> 50000-60000
  WAN Connection Type
  All Broadband Devices
  Status
  Active
  Now the problem is when I type my real IP address:  108.XX.XXX.37:8080 (from inside the network it pulls up the Fios router login page and when I pull it up outside the network I get page not found.  This isnt any different then I had previously done on my Netgear router, but I must be missing something on this actiontec one.  Any suggestions?
  Thanks
  Solved!
  Go to Solution.

  Howie411 wrote:
  The IP Camera company requires you to port forward  port 80 (switched to 8080) 554 and 50000-60000.
  So I set up Portforwarding on the router like this:
  Networked Computer / Device
  192.168.1.200:8080
  Applications & Ports Forwarded
  IPCamera
  TCP 8080 -> 8080
  UDP 8080 -> 8080
  TCP 554 -> 554
  UDP 554 -> 554
  TCP 50000-60000 -> 50000-60000
  UDP 50000-60000 -> 50000-60000
  WAN Connection Type
  All Broadband Devices
  Status
  Active
  Now the problem is when I type my real IP address:  108.XX.XXX.37:8080 (from inside the network it pulls up the Fios router login page and when I pull it up outside the network I get page not found.  This isnt any different then I had previously done on my Netgear router, but I must be missing something on this actiontec one.  Any suggestions?
  Thanks
  No port on the ip address
  Networked Computer / Device
  192.168.1.200
  should say tcp any on the left side of the arrow in all cases
  TCP any -> 8080
  UDP any -> 8080
  etc

• New network/port forwarding questions

  I just replaced my Airport Extreme with a 1TB TC and set up a primary network (AirNett) and a Guest network (Guest). I added Port Mapping entries for my computers (running Tiger), SlingBoxes and ReplayTVs (which are all ethernet-connected) and I have 1 laptop running Leopard and 1 running Tiger. We also have 2 iPhones.
  The wired devices all seem to connect just fine. Occasionally, there is a delay in the connection (30 sec-1 min), but once it connects, they seem to stay connected.
  The laptops take too long to connect to the AirNett network. If they do connect, it seems that the connection comes and goes. The iPhones have yet to connect to AirNett.
  The Guest network serves all the wireless devices just fine, BUT, it does not allow connections to the Port Forwarding devices.
  So, 2 issues... any ideas about :
  1) why my primary network (AirNett) is not working properly for my wireless devices and
  2) why my Guest network does not allow the Port Forwarding connections.
  TIA for any suggestions.
  Scott

  That was my point - all my lan ports that use port 80 can point at port 80, and long as the WAN ports point at something else. The trouble is, I am restricted to only using 80,81 and 443 on the LAN side, which limits me to 3 (not counting 8080 for my routers web gui)
  So that means with my two web cams and web gui on my NAS drive, I am unable to log into any other web interfaces on my LAN, unless I log into my router first, disable one port forward and enable another (using the same WAN port of 80 or 81) - which is doable but a PITA..
  This is what is looks like on the router:
  For example, if I change the port from field for the "tranmission" entry to anything but 80 or 81, it will not work, so if I want to get into my torrent gui on my NAS drive I have to disable "cam1" and enable "transmission"
  I checked with my ISP and they are not blocking any ports, so I'm not sure how to get around this, unless I can serve up a page that shows feeds from more than one camera and serve it from one source, ie my router or NAS drive. 

• Port Forward Question _ BT HomeHub 3

  Hello all,
  Ive been trying to set up port forwarding on my bt router but to no avail so far.
  On the port forwarding tab in the router settings when I click Add to assign a device nothing happens??
  Ive tried on my iphone and laptop and the "add" button turns grey but nothing happens?
  Can anyone help?

  so your selecting the "game or application" then selecting the "device" and the "ADD" button stays grey?
  or can you select add but after selection and the page refreshing the new device doesnt show up?
  under "supported applications" you can manually set up a device vis "new game or application" as a last resort

• Port Forwarding Question - Detailed

  Hi,
  I hate wasting people's time, so I will give you very detailed information.
  So here's an overview of the network. I have a WRT54G with V4.21 firmware on it. I also have a WRE54G Range Expander. Both are secured. We have 3 desktops, 2 laptops, and some game consoles hooked up to the wireless internet, with nothing connected with an ethernet cable (all wireless).
  A friend and myself want to play an online game, which requires one person to be a server, and one to be a client. He doesn't have access to his network configurations, so I will end up being the server.
  I have setup port forwarding, and the program gives me a Socket Error of 10061 - Connection was refused forcefully.
  The port is 1001 that we need open.
  I have checked with my ISP, and have found that they are not blocking any ports, so I know that is not an issue.
  If I hook the computer up directly to the modem, it works fine, so it is definitely a forwarding issue.
  I have DHCP turned off on the computer, my local IP address is 192.168.1.106
  My port forwarding settings look like this.
  Application: (Blank... but I have used other names during tests)
  Start: 1001
  End: 1001
  Protocol: Both (I have also tried TCP and UDP individually)
  IP Address: 192.168.1.106 (my static IP address)
  Enabled: True
  I have also tried turning the SPI Firewall Protection off, as well as Block Anonymous Internet Requests.
  The IP address that the person is using to connect to the computer with is my router's IP address (which is propagated directly from the modem). With the port 1001. This is the same combination used when the computer is hooked up directly to the modem, however with it behind the router, the forwarding just doesn't seem to handle the forward.
  I have tried it with Windows Firewall turned off, as well as my Norton AV.
  I have also created exceptions and completely opened port 1001 in Windows Firewall just in case.
  I've also tried just simply restarting the computer.
  I'm tapped out of ideas... can anyone else suggest anything?
  Message Edited by Joker_69 on 05-13-2008 01:53 AM

  Alright, I went through the checklist, and every single step in the checklist checked out, except for connecting from outside the LAN. I can connect to the server through 192.168.1.150:1001, but not through xxx.xxx.96.215:1001.
  Here are all settings that have been changed (everything else should be assumed to be default values):
  Wireless/Security:
  Security Mode: WEP
  Default Transmit Key: 1
  WEP Encryption: 128 bits 26 hex digits
  Passphrase: Have been set
  Key 1, 2, 3, 4: Have been set
  Security/Firewall:
  Firewall Protection: Disable
  Block Anonymous Internet Requests: False
  Filter Multicast: True
  Filter Internet NAT Redirection: False
  Filter IDENT(Port 113): True
  Applications & Gaming/Port Range Forward:
  Application: (no name given)
  Start: 1001
  End: 1001
  Protocol: Both (TCP & UDP)
  IP Address: 192.168.1.150
  Enable: True
  Now, here is the Status Page of the Router:
  Firmware Version: v4.21.1, Nov. 6, 2006
  Current Time: Tue, 13 May 2008 23:47:26
  MAC Address: xx:xx:xx:02:11:F5
  Router Name: WRT54G
  Host Name:
  Domain Name:
  Login Type: Automatic Configuration - DHCP
  IP Address: xxx.xxx.96.215
  Subnet Mask: 255.255.192.0
  Default Gateway: xxx.xxx.64.254
  DNS 1: xxx.xxx.133.68
  DNS 2: xxx.xxx.133.100
  DNS 3:
  MTU: 1500
  Here is the copy from ipconfig /all (with IP's blocked out):
  Windows IP Configuration
  Host Name . . . . . . . . . . . . : xxxxx-xxxxxxxxx
  Primary Dns Suffix . . . . . . . :
  Node Type . . . . . . . . . . . . : Unknown
  IP Routing Enabled. . . . . . . . : No
  WINS Proxy Enabled. . . . . . . . : No
  Ethernet adapter Wireless Network Connection:
  Connection-specific DNS Suffix . :
  Description . . . . . . . . . . . : Wireless-B PCI Adapter
  Physical Address. . . . . . . . . : xx-xx-xx-0D-39-EC
  Dhcp Enabled. . . . . . . . . . . : No
  IP Address. . . . . . . . . . . . : 192.168.1.150
  Subnet Mask . . . . . . . . . . . : 255.255.255.0
  Default Gateway . . . . . . . . . : 192.168.1.1
  DNS Servers . . . . . . . . . . . : xxx.xx.133.68
  xxx.xxx.133.100
  Here is my netstat -an:
  Active Connections
  Proto Local Address Foreign Address State
  TCP 0.0.0.0:25 0.0.0.0:0 LISTENING
  TCP 0.0.0.0:80 0.0.0.0:0 LISTENING
  TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
  TCP 0.0.0.0:443 0.0.0.0:0 LISTENING
  TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
  TCP 0.0.0.0:1001 0.0.0.0:0 LISTENING
  TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
  TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING
  TCP 0.0.0.0:5051 0.0.0.0:0 LISTENING
  TCP 0.0.0.0:5101 0.0.0.0:0 LISTENING
  TCP 0.0.0.0:7501 0.0.0.0:0 LISTENING
  TCP 0.0.0.0:21159 0.0.0.0:0 LISTENING
  TCP 127.0.0.1:1026 0.0.0.0:0 LISTENING
  TCP 127.0.0.1:1045 0.0.0.0:0 LISTENING
  TCP 127.0.0.1:3668 127.0.0.1:3669 ESTABLISHED
  TCP 127.0.0.1:3669 127.0.0.1:3668 ESTABLISHED
  TCP 127.0.0.1:3670 127.0.0.1:3671 ESTABLISHED
  TCP 127.0.0.1:3671 127.0.0.1:3670 ESTABLISHED
  TCP 192.168.1.150:139 0.0.0.0:0 LISTENING
  TCP 192.168.1.150:4153 xxx.xxx.193.131:119 ESTABLISHED
  TCP 192.168.1.150:4156 xxx.xxx.233.145:5050 ESTABLISHED
  TCP 192.168.1.150:4170 xxx.xxx.107.81:1863 ESTABLISHED
  TCP 192.168.1.150:4949 xxx.xxx.207.191:80 CLOSE_WAIT
  TCP 192.168.1.150:4950 xxx.xxx.223.191:80 CLOSE_WAIT
  TCP 192.168.1.150:4951 xxx.xxx.139.166:80 CLOSE_WAIT
  TCP 192.168.1.150:4952 xxx.xxx.139.166:80 CLOSE_WAIT
  TCP 192.168.1.150:4953 xxx.xxx.255.103:80 CLOSE_WAIT
  UDP 0.0.0.0:445 *:*
  UDP 0.0.0.0:500 *:*
  UDP 0.0.0.0:1048 *:*
  UDP 0.0.0.0:1050 *:*
  UDP 0.0.0.0:1166 *:*
  UDP 0.0.0.0:1178 *:*
  UDP 0.0.0.0:1802 *:*
  UDP 0.0.0.0:1803 *:*
  UDP 0.0.0.0:1804 *:*
  UDP 0.0.0.0:1805 *:*
  UDP 0.0.0.0:1806 *:*
  UDP 0.0.0.0:3456 *:*
  UDP 0.0.0.0:4500 *:*
  UDP 0.0.0.0:5051 *:*
  UDP 127.0.0.1:123 *:*
  UDP 127.0.0.1:1900 *:*
  UDP 127.0.0.1:2089 *:*
  UDP 127.0.0.1:2111 *:*
  UDP 127.0.0.1:3459 *:*
  UDP 192.168.1.150:9 *:*
  UDP 192.168.1.150:123 *:*
  UDP 192.168.1.150:137 *:*
  UDP 192.168.1.150:138 *:*
  UDP 192.168.1.150:1900 *:*
  UDP 192.168.1.150:4160 *:*
  UDP 192.168.1.150:4161 *:*
  UDP 192.168.1.150:4163 *:*
  UDP 192.168.1.150:4164 *:*
  UDP 192.168.1.150:8163 *:*
  UDP 192.168.1.150:39358 *:*
  The sixth one down from the top looks like it is working properly.
  Let me know what you think .
  Message Edited by Joker_69 on 05-14-2008 12:01 AM

• Simple Port Forwarding / ACL Question

  Hi Everyone,
  I'm kind of a novice when it comes to Cisco configuration. I went to college for networking but haven't used it enough since graduating and I'm having some trouble with opening some ports for email to my home PC.
  Specifically i'm trying to set up IMAP with Gmail to be downloaded to my Mozilla Thunderbird client. I'm using a similar syntax for other ports that i've opened but it isn't working. I also did a "show access list" and saw that one of my rules had hit counts on it but i'm not sure what this means as far as troubleshooting goes.
  Can someone lend a hand and explain what i'm doing wrong? If you're feeling extra nice could you let me know what I would need to do to open some Xbox Live ports as well? The rules aren't set up yet but the ports are present in my config. I've bolded the relevant ports below.
  *** Config ****
  ASA Version 8.2(5)
  hostname RyansFirewall
  enable password C5OQraC02mISnP8p encrypted
  passwd 3mBdM08UO1apR0bB encrypted
  names
  name 192.168.1.130 theking
  name 192.168.1.240 wap
  name 192.168.1.252 cam
  name 192.168.1.253 switch
  name 192.168.1.150 xbox
  name x.x.x.x vpnreactor
  name x.x.x.x HSoftware
  name x.x.x.x Mom_and_Dad
  interface Ethernet0/0
  description Connection_to_Cable_Modem
  switchport access vlan 10
  interface Ethernet0/1
  description Cisco_Catalyst_2960
  interface Ethernet0/2
  interface Ethernet0/3
  shutdown
  interface Ethernet0/4
  shutdown
  interface Ethernet0/5
  description Guest_Wireless
  switchport access vlan 20
  interface Ethernet0/6
  shutdown
  interface Ethernet0/7
  shutdown
  interface Vlan1
  description Private_Internal_Lan
  nameif inside
  security-level 100
  ip address 192.168.1.254 255.255.255.0
  interface Vlan10
  description WOW_Internet
  nameif outside
  security-level 0
  ip address dhcp setroute
  interface Vlan20
  description Guest_Wireless
  no forward interface Vlan1
  nameif dmz
  security-level 30
  ip address 172.16.1.254 255.255.255.0
  boot system disk0:/asa825-k8.bin
  ftp mode passive
  clock timezone Eastern -5
  object-group network outside_ip_group
  description This group contains a list of allowed public IP Addresses
  network-object HSoftware 255.255.255.255
  network-object Mom_and_Dad 255.255.255.255
  object-group service Xbox_Ports tcp-udp
  description Ports needed for Xbox Live
  port-object eq www
  port-object eq 88
  port-object eq domain
  port-object eq 3074
  object-group service Email_Ports tcp-udp
  description Ports needed for Email
  port-object eq 143
  port-object eq 465
  port-object eq 587
  port-object eq 993
  access-list outside_access_in extended permit tcp object-group outside_ip_group any eq 1024
  access-list outside_access_in extended permit tcp any any eq 3389
  access-list outside_access_in extended permit tcp any any eq ftp
  access-list outside_access_in extended permit gre host vpnreactor host theking
  access-list outside_access_in extended permit tcp host vpnreactor host theking eq pptp
  access-list outside_access_in extended permit icmp any any echo-reply
  access-list outside_access_in extended permit icmp any any time-exceeded
  access-list outside_access_in extended permit icmp any any unreachable
  access-list outside_access_in extended permit tcp object-group outside_ip_group any eq 5900
  access-list outside_access_in extended permit tcp any any object-group Email_Ports
  access-list outside_access_in extended permit udp any any object-group Email_Ports
  pager lines 24
  mtu inside 1500
  mtu outside 1500
  mtu dmz 1500
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-635.bin
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 1 0.0.0.0 0.0.0.0
  nat (outside) 1 access-list outside_access_in
  nat (dmz) 1 0.0.0.0 0.0.0.0
  static (inside,outside) tcp interface 3389 theking 3389 netmask 255.255.255.255
  static (inside,outside) tcp interface ftp theking ftp netmask 255.255.255.255
  static (inside,outside) tcp interface 1024 cam 1024 netmask 255.255.255.255
  static (inside,outside) tcp interface 5900 theking 5900 netmask 255.255.255.255
  static (inside,outside) tcp interface 143 theking 143 netmask 255.255.255.255
  static (inside,outside) tcp interface 465 theking 465 netmask 255.255.255.255
  static (inside,outside) tcp interface 587 theking 587 netmask 255.255.255.255
  static (inside,outside) tcp interface 993 theking 993 netmask 255.255.255.255
  access-group outside_access_in in interface outside
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  http server enable
  http 192.168.1.0 255.255.255.0 inside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  telnet timeout 5
  ssh 192.168.1.0 255.255.255.0 inside
  ssh Mom_and_Dad 255.255.255.255 outside
  ssh HSoftware 255.255.255.255 outside
  ssh timeout 10
  console timeout 10
  dhcpd address 192.168.1.2-192.168.1.25 inside
  dhcpd dns x.x.x.x x.x.x.x interface inside
  dhcpd lease 10800 interface inside
  dhcpd domain RyanJohn interface inside
  dhcpd enable inside
  dhcpd address 172.16.1.2-172.16.1.25 dmz
  dhcpd dns 8.8.8.8 8.8.4.4 interface dmz
  dhcpd domain RyanJohnGuest interface dmz
  dhcpd enable dmz
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  webvpn
  username XXXXX password ZpRIy72StEDDpdfG encrypted
  class-map inspection_default
  match default-inspection-traffic
  policy-map global_policy
  class inspection_default
    inspect pptp
  service-policy global_policy global
  prompt hostname context
  no call-home reporting anonymous
  Cryptochecksum:3c7abf7d5d55aba0e19d5da340132000
  : end
  *** Show Access List ****
  RyansFirewall# show access-list outside_access_in
  access-list outside_access_in; 19 elements; name hash: 0x6892a938
  access-list outside_access_in line 1 extended permit tcp object-group outside_ip_group any eq 1024 0xf13a69fb
    access-list outside_access_in line 1 extended permit tcp host HSoftware any eq 1024 (hitcnt=0) 0xc8c42900
    access-list outside_access_in line 1 extended permit tcp host Mom_and_Dad any eq 1024 (hitcnt=0) 0x7e777675
  access-list outside_access_in line 2 extended permit tcp any any eq 3389 (hitcnt=7451) 0x51a647d7
  access-list outside_access_in line 3 extended permit tcp any any eq ftp (hitcnt=11) 0x8d0d5aac
  access-list outside_access_in line 4 extended permit gre host vpnreactor host theking (hitcnt=0) 0x894a4bbb
  access-list outside_access_in line 5 extended permit tcp host vpnreactor host theking eq pptp (hitcnt=0) 0xcb0322a8
  access-list outside_access_in line 6 extended permit icmp any any echo-reply (hitcnt=563) 0x54b872f3
  access-list outside_access_in line 7 extended permit icmp any any time-exceeded (hitcnt=703) 0x03690eb3
  access-list outside_access_in line 8 extended permit icmp any any unreachable (hitcnt=7408) 0x5c2fa603
  access-list outside_access_in line 9 extended permit tcp object-group outside_ip_group any eq 5900 0xe88875b2
    access-list outside_access_in line 9 extended permit tcp host HSoftware any eq 5900 (hitcnt=0) 0x2208e16f
    access-list outside_access_in line 9 extended permit tcp host Mom_and_Dad any eq 5900 (hitcnt=0) 0xa3aaaedd
  access-list outside_access_in line 10 extended permit tcp any any object-group Email_Ports 0x91529965
    access-list outside_access_in line 10 extended permit tcp any any eq imap4 (hitcnt=17) 0x53d153bd
    access-list outside_access_in line 10 extended permit tcp any any eq 465 (hitcnt=0) 0x4d992f5e
    access-list outside_access_in line 10 extended permit tcp any any eq 587 (hitcnt=0) 0x734d200d
    access-list outside_access_in line 10 extended permit tcp any any eq 993 (hitcnt=0) 0xb91930a9
  access-list outside_access_in line 11 extended permit udp any any object-group Email_Ports 0xe12dbb9d
    access-list outside_access_in line 11 extended permit udp any any eq 143 (hitcnt=0) 0x34d1c49d
    access-list outside_access_in line 11 extended permit udp any any eq 465 (hitcnt=0) 0x5cc4b908
    access-list outside_access_in line 11 extended permit udp any any eq 587 (hitcnt=0) 0x6e3b53a3
    access-list outside_access_in line 11 extended permit udp any any eq 993 (hitcnt=0) 0x7f9dd9b7

  Hi Riyasat,
  Here is the result of the command. I'm a little confused though as it said it passed through although this port is still not open to my inside host.
  RyansFirewall# packet-tracer input outside tcp 8.8.8.8 465 Outside_IP 465 detailed
  Phase: 1
  Type: UN-NAT
  Subtype: static
  Result: ALLOW
  Config:
  static (inside,outside) tcp interface 465 theking 465 netmask 255.255.255.255
    match tcp inside host theking eq 465 outside any
      static translation to Outside_IP/465
      translate_hits = 0, untranslate_hits = 2
  Additional Information:
  NAT divert to egress interface inside
  Untranslate Outside_IP/465 to theking/465 using netmask 255.255.255.255
  Phase: 2
  Type: ACCESS-LIST
  Subtype: log
  Result: ALLOW
  Config:
  access-group outside_access_in in interface outside
  access-list outside_access_in extended permit tcp any any eq 465
  Additional Information:
  Forward Flow based lookup yields rule:
  in  id=0xd863ac20, priority=12, domain=permit, deny=false
          hits=9, user_data=0xd613bd70, cs_id=0x0, flags=0x0, protocol=6
          src ip=0.0.0.0, mask=0.0.0.0, port=0
          dst ip=0.0.0.0, mask=0.0.0.0, port=465, dscp=0x0
  Phase: 3
  Type: IP-OPTIONS
  Subtype:
  Result: ALLOW
  Config:
  Additional Information:
  Forward Flow based lookup yields rule:
  in  id=0xd7de9018, priority=0, domain=inspect-ip-options, deny=true
          hits=20003, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=0
          src ip=0.0.0.0, mask=0.0.0.0, port=0
          dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
  Phase: 4
  Type: NAT
  Subtype: host-limits
  Result: ALLOW
  Config:
  nat (outside) 1 access-list outside_access_in
    match tcp outside any outside any eq 3389
      dynamic translation to pool 1 (Outside_IP [Interface PAT])
      translate_hits = 0, untranslate_hits = 0
  Additional Information:
  Forward Flow based lookup yields rule:
  in  id=0xd7e62278, priority=2, domain=host, deny=false
          hits=25913, user_data=0xd7e61e60, cs_id=0x0, reverse, flags=0x0, protocol=0
          src ip=0.0.0.0, mask=0.0.0.0, port=0
          dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
  Phase: 5
  Type: HOST-LIMIT
  Subtype:
  Result: ALLOW
  Config:
  Additional Information:
  Forward Flow based lookup yields rule:
  in  id=0xd7debf90, priority=0, domain=host-limit, deny=false
          hits=143, user_data=0x0, cs_id=0x0, flags=0x0, protocol=0
          src ip=0.0.0.0, mask=0.0.0.0, port=0
          dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
  Phase: 6
  Type: NAT
  Subtype: rpf-check
  Result: ALLOW
  Config:
  static (inside,outside) tcp interface 465 theking 465 netmask 255.255.255.255
    match tcp inside host theking eq 465 outside any
      static translation to Outside_IP/465
      translate_hits = 0, untranslate_hits = 2
  Additional Information:
  Forward Flow based lookup yields rule:
  out id=0xd7e84380, priority=5, domain=nat-reverse, deny=false
          hits=3, user_data=0xd7e58b08, cs_id=0x0, flags=0x0, protocol=6
          src ip=0.0.0.0, mask=0.0.0.0, port=0
          dst ip=theking, mask=255.255.255.255, port=465, dscp=0x0
  Phase: 7
  Type: NAT
  Subtype: host-limits
  Result: ALLOW
  Config:
  static (inside,outside) tcp interface 3389 theking 3389 netmask 255.255.255.255
    match tcp inside host theking eq 3389 outside any
      static translation to 0.0.0.0/3389
      translate_hits = 0, untranslate_hits = 107
  Additional Information:
  Reverse Flow based lookup yields rule:
  in  id=0xd7e70e30, priority=5, domain=host, deny=false
          hits=1642, user_data=0xd7e6c678, cs_id=0x0, reverse, flags=0x0, protocol=0
          src ip=theking, mask=255.255.255.255, port=0
          dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
  Phase: 8
  Type: IP-OPTIONS
  Subtype:
  Result: ALLOW
  Config:
  Additional Information:
  Reverse Flow based lookup yields rule:
  in  id=0xd7d9e160, priority=0, domain=inspect-ip-options, deny=true
          hits=30929, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=0
          src ip=0.0.0.0, mask=0.0.0.0, port=0
          dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0
  Phase: 9
  Type: FLOW-CREATION
  Subtype:
  Result: ALLOW
  Config:
  Additional Information:
  New flow created with id 31012, packet dispatched to next module
  Module information for forward flow ...
  snp_fp_tracer_drop
  snp_fp_inspect_ip_options
  snp_fp_tcp_normalizer
  snp_fp_translate
  snp_fp_adjacency
  snp_fp_fragment
  snp_ifc_stat
  Module information for reverse flow ...
  snp_fp_tracer_drop
  snp_fp_inspect_ip_options
  snp_fp_translate
  snp_fp_tcp_normalizer
  snp_fp_adjacency
  snp_fp_fragment
  snp_ifc_stat
  Result:
  input-interface: outside
  input-status: up
  input-line-status: up
  output-interface: inside
  output-status: up
  output-line-status: up
  Action: allow

• Port Forwarding Question

  I have a WCG200 with a WRT310N router attached. I'm attempting to forward a few single ports across to one of the clients on the router. I seem to be unable to forward the ports to the clients on the wireless. Do I need to forward the ports from the Gateway to the Router then to the Client. Any ideas?

  As you have 2 Wireless router, so you issue is NAT behind NAT. I think you can try to Open the ports on Both the router and check if it working or not. Who is your ISP. If it dosent work then you need to bypass anyone of your router and open the ports on your router, and i think this might solve your problem.

• WRT54G ver 6 Port forwarding question

  Howdy... I just purchased the WRT54G ver 6 router to replace my old wired one that was fried after losing power one night... plugged into a $60 surge protector... but I digress... I have 2 PCs plugged into this router... neither are wireless. I host a website and so I setup the router to forward port 80 to the webserver... The loading of images has become incredibly slow. Probably 3 to 4 Xs as slow as the old router... If I plug my cable modem into the pc direct it seems fine, so I dont see a bandwidth issue or upload problem... Seems to be at the router and more specific where the router is forwarding the request. Has anyone run into this? Are there settings on the router somewhere that I can tweak?

  Try to lower your MTU settings.
  "When you have eliminated the impossible, whatever remains, however improbable, must be the truth."

• Port forwarding in Solaris 8

  Hi,
  I am new to Solaris and am trying to set up a simple port forwarding from port 80 to 8080.
  I know how to do this in Linux:
  iptables -t nat -I PREROUTING -p tcp dport 80 -j REDIRECT to-port 8080
  but cannot find a way to do this in Solaris. I have installed SunScreen, but am not sure whether this is the right thing to use.
  This is a simple server in a hosting centre.
  Can anyone help?

  In solaris you can do port forwarding with ssh . You have to install SSH from soalris 2 of 2 CD .
  see man pages of ssh
  Regards

• Port Forwarding and Printing with Static IP Address

  Hey there -
  I am trying to setup a network printer that can be printed to from anywhere in the world. My organization has 5 static IP addresses given to us by our ISP. Four of those I have on computers, and one of them I have on my Linksys router (WRT54G v.8).
  What I want to do is be able to setup a printer on my router that I can print to from anywhere I have an internet connection. My wireless router's static IP address is 74.172.54.XXX - The address on my network is 192.168.7.1 - I have a printer statically assigned the IP address 192.168.7.2 - and I have a port forwarding for port 70 to forward to 192.168.7.2
  In theory, I would think that now I could print to 74.172.54.XXX:70 and have no problems. But that doesn't seem to be working. Even printing to 192.168.7.1:70 doesn't seem to work either.
  Also, the printer has a web GUI interface that if I type http://192.168.7.1/ into my browser it comes up, so in theory I would think typing http://74.172.54.XXX:70 into my browser it should come up (but it doesn't nor does http://192.168.7.1:70).
  Anybody got any suggestions? I tried to do a search about this, but ever Port Forwarding question seemed to deal with gaming (which I have no desire to do). Thanks!
  I will include two screen snapshots of what I am talking about:
  Thanks for any help.

  Is the router setup to accept static connections?
  I have my router set up to accept both, so from 192.168.1.100 to 192.168.1.192 the addresses are static the other addresses are given by DHCP.
  If you do not define a range and the address your laptop has as static IP conflicts with the address given by DHCP your loose ... as in you get no address.
  Set up of that feature may depend on your type of router but usually any decent router will have that capability ... read your manual for specifics about your unit.
  Best of luck.
  R.
  Last edited by ralvez (2009-12-10 00:08:50)

• Does Verizon Wireless support Port forwarding.

  The 4510L has port forwarding. But the IP address ports are all stealth. I know VW has to take security measures for spam and hackers but this is just a little over kill here. The IP addresses they use are from wdspco.org. At lest in my area. Come on VW where is a tech support that are not sale reps. This feature should be part of the ISP service. It should not be an issue to allow simple port forwarding for the NOC. I know the public IP address is not routable. Its not going to cost more to route.

      We would love to support you with your Env3, jeffrey8066!
  What can we do to help?
  TamaraH_VZW
  Follow us on Twitter @VZWSupport

• How to Port Forward on Cisco 1900 Router?

  We have a cisco 1900 router. I m new to cisco routers commands, recently started learning. I need to forward all requests coming from port 1723 from outside to inside server ip. I check "show running-config" and I see already forwarded ports and ip like below,
  ip nat pool onlyone xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx netmask 255.255.255.252
  ip nat inside source list 1 pool onlyone overload
  ip nat inside source static tcp 192.168.0.xx 22 xxx.xxx.xxx.xxx 22 extendable
  ip nat inside source static tcp 192.168.0.xx 80 xxx.xxx.xxx.xxx 80 extendable
  ip nat inside source static tcp 192.168.0.xx 80 xxx.xxx.xxx.xxx 96 extendable
  ip nat inside source static tcp 192.168.0.xx 443 xxx.xxx.xxx.xxx 443 extendable
  ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx
  where xxx.xxx.xxx.xxx is public facing IP.
  so what is the command to add "ip nat inside source static tcp 192.168.1.xx 1723 <public-ip> 1723 extendable" to currnetly working settings?
  I am currently reading below but no luck so far...
  http://www.cisco.com/en/US/docs/routers/access/1900/software/configuration/guide/software_configuration.pdf
  I have found this
  http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml#topic7
  interface ethernet 0
  ip address 172.16.10.1 255.255.255.0
  ip nat inside
  !--- Defines Ethernet 0 with an IP address and as a NAT inside interface.
  interface serial 0
  ip address 200.200.200.5 255.255.255.252
  ip nat outside
  !--- Defines serial 0 with an IP address and as a NAT outside interface.
  ip nat inside source static tcp 172.16.10.8 8080 172.16.10.8 80
  !--- Static NAT command that states any packet received in the inside
  !--- interface with a source IP address of 172.16.10.8:8080 is
  !--- translated to 172.16.10.8:80.
  How do I know if "interface ethernet 0" and "interface serial 0" will work for me?

  the router is already setup and working for 2 years. all i need to do  add a simple port forward from public ip to internal server. Following  make sense to accomplish what i m trying to do. Lets assume 1.2.3.4 is  my office public static ip and 192.168.0.10 is my internal server. All  requests will come from some Ip lets say 25.24.23.22:1723 to  1.2.3.4:1723 and router will forward this request to 192.168.0.10:1723.  This is all i m trying to accomplish. I m not setting up a new router.  Some rules are already there. Therefore below seem to be what i need. All I need is how to identify "interface ethernet 0" & "interface serial 0". I understand the inside and outside details. All i have to find is how to replace ethernet 0 and serial 0 with what i have in my router setup.
  interface ethernet 0
  ip address 172.16.10.1 255.255.255.0
  ip nat inside
  !--- Defines Ethernet 0 with an IP address and as a NAT inside interface.
  interface serial 0
  ip address 200.200.200.5 255.255.255.252
  ip nat outside
  !--- Defines serial 0 with an IP address and as a NAT outside interface.
  ip nat inside source static tcp 172.16.10.8 8080 172.16.10.8 80
  !--- Static NAT command that states any packet received in the inside
  !--- interface with a source IP address of 172.16.10.8:8080 is
  !--- translated to 172.16.10.8:80.