Solved

Port forwarding not working

Posted on 2004-09-09
14
279 Views
Last Modified: 2010-03-18
I'm having trouble getting any port forwarding to work on my NetGear RP614v2 router. I have my pc (192.168.0.2 on my network) set up as a web server and also set up for Remote Desktop. I followed the directions for setting up the router so port 80 directs requests to this IP and also I have port 3389 set to go to this IP.

However when I put my external IP (currently 68.236.154.34) into a browser I get page cannot be displayed. Also I get connection errors when attempting to Remote Desktop to my PC via the external IP. However internally connecting via the other PC on my internal network it works fine.

Thanks for the help!!

Tim
0
Comment
Question by:Ellis_Juan
  • 6
  • 4
14 Comments
 
LVL 33

Expert Comment

by:humeniuk
ID: 12022905
A few questions: What OS & web server software are you using?  Do you have any kind of firewall (ie. Zone Alarm, WinXP firewall) running on your PC?  Who is your ISP and do they allow incoming traffic on port 80?
0
 

Author Comment

by:Ellis_Juan
ID: 12023091
I'm running XP Pro and IIS 5.1, I also have Sygate Personal Firewall Pro. But I turned off the firewall and still had the same problems. My ISP is Verizon Online, DSL. I assume they allow traffic on port 80, cant say for sure??

Tim
0
 
LVL 33

Expert Comment

by:humeniuk
ID: 12023432
Lots of ISPs don't allow web servers, but only a few of those will go to the trouble to block port 80 to stop you from running one -  I think that in reality most of them don't care as long as you don't use too much bandwidth.  I did a quick check and found a few comments (on forums and such) from people saying they'd either called Verizon and been told that they don't block any ports or were using Verizon and had a functional web server, so that's probably not it.

From www.network-tools.com, I am able to ping and trace route to your IP, which implies that traffic can get to your router's WAN port.  When I try to access your IP with my browser, the page times out.  If you can access the website from the LAN, the web server is working, so you're probably right that it is a forwarding problem.

I found this reference to something that might cause your problem:
"There is a problem in the rp614v2 config if you create port forwarding(s) and then un-tick (disable) it (them) on the router setup page. In such a case for me, and some others, the port forwardings on the list after (below) will not work. You MUST delete a port forwarding that you do not use or the ones after will not work, or as in some cases for me the system became unstable and the program using this prone to crash.
In my case I tried to forward port 80 with a disabled port forwarding over it in the list and no traffic came through on port 80. I then deleted the disabled port forwarding and all worked very well and I have had no problem with this router since."
(source: http://www.dslreports.com/forum/remark,10658012~mode=flat)
0
 
LVL 15

Expert Comment

by:adamdrayer
ID: 12023693

I agree with Humeniuk, that it sounds like your ISP does not allow incoming traffic to your IP address on port 80.  Try serving the website on a different port like 8018, and try attaching to it like this http://w.x.y.z:8018

There is one more thing i should mention.  As a security feature, you most likely will not be able to attach to the external IP from an internal computer.  All computers in your 192.168.0.x network need to attach to the webserver by using 192.168.0.2

Port forwarding only works for requests that come in over the WAN connection.  Internal computers will need to use internal addresses, and external addresses will need to use external addresses.  This is to prevent IP spoofing and is often unconfigurable.  

The fact that humeniuk can't connect from his computer over the internet at least conforms that this is not the only problem.  

1. First change the port# is IIS to 8018(assuming you are using IIS)
2. Then try to connect from your internal network using http://192.168.0.2:8018
3. Open port 8018 on your router and forward it to 192.168.0.2 and have someone connect to http://68.236.154.34:8018 from the outside internet

If all of that works, then your ISP is blocking port 80.  If only the first two work, then it is most likely a problem with the router.  If 2 and 3 don't work, then your webserver is not configured properly.
0
 

Author Comment

by:Ellis_Juan
ID: 12026431
Hey guys, thanks for the suggestions and taking the time to try and figure it out. Unfortunately I tried all that last night after posting the original question.

humeniuk, I actually found that same article about the disabled forwarded ports, but I don't have anything like that. I even tried deleting all my port forwardings and just putting in the port 80 to webserver forward from scratch all over again and still no luck.

And Adam, also good thoughts, but again. I tried all that :(

I didn't use port 8018, but some other random port and set my web server and port forwarding up with that port and again, internally I could connect using the http://192.168.0.2:port# method and it worked fine, but from the outside nothing.

Also I did read that the port forwarding shouldn't work internally using the WAN IP, but I also read some things saying it should. But either way, I had a friend attempt to connect from the outside and still no dice.

I'm beginning to think there's nothing left for it to be other than a router problem.
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 33

Expert Comment

by:humeniuk
ID: 12026609
If your web server is configured to listen on another port, you don't need port forwarding to access it, because the connection is direct, not through the router.  You might not be able to access the WAN IP from inside the network, but your friend should be able to.

Given everything you've tried, you could be right that there is a problem with the router.  If you have another router available, you can switch it in and see if it works.

For the sake of performing a test, you may want to temporarily configure your router to use your web server as the default DMZ server (unless it's a dedicated web server, you don't want to run your computer like this in general, for security reasons) and testing it.  Make sure you check the 'Respond To ping On Internet Port' box and then you can test it yourself by pinging from www.network-tools.com.
0
 

Author Comment

by:Ellis_Juan
ID: 12026993
I was wondering if that might be an idea to try, however that wouldn't really solve my problem because I'd like remote desktop to work as well on port 3389 so if port forwarding in general isn't working then I'd still have a problem. But you're right, that does seem like a good way to test. I'll try that when I get home later on.

Here's another thing, the default port for remote management of the router is 8080, and that works using the WAN IP with :8080 on the end. So basically that is the ONLY thing working. Well not right now because I didn't turn the computer on before I left the apartment this morning.
0
 
LVL 33

Expert Comment

by:humeniuk
ID: 12027144
My understanding is that putting your PC in the DMZ basically forwards all ports to that computer.  If it works, that would imply that the router is capable of port forwarding.  However, if it doesn't work with normal port forwarding per the manual, that's a moot point.
0
 

Author Comment

by:Ellis_Juan
ID: 12046272
I have tried everything in the above comments so far. Even setting the webserver as the DMZ didn't fix the problem. I guess I need a new router unless there's anything else someone can think of.

I even tried creating a static route from my gateway to the webserver, still nothing.
0
 
LVL 33

Accepted Solution

by:
humeniuk earned 125 total points
ID: 12046795
Before you buy another router, here's another test you can try:

You can connect your server directly to the DSL modem and establish a connection to your ISP with WinXP's built-in PPPoE connector.  Once you have established a connection, have someone try to browse your web server from the internet.  If they are able to see your website, the problem is in the router.  If they can't, the problem isn't your router.
0
 
LVL 33

Expert Comment

by:humeniuk
ID: 12046799
Again, this is a TEMPORARY connection for testing purposes.  You don't want to leave it connected that way for security reasons.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Sometimes you might need to configure routing based not only on destination IP address, but also on a combination of destination IP address (or hostname) and destination port number. I will describe a method how to accomplish this with free tools. …
This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now