• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1150
  • Last Modified:

All ports are closed in my Linksys RV042 router-How to enable them?

Hi. I've been spending days to find a solution for this.

After we upgraded from DSL to T1(although this might not be a direct cause..), all ports in Linksys RV042 are not working for remote access from outside, for example port 5631 for pcAnywhere and 3389 for RDP. The router has the exactly same setting as before. The only addition from previous DSL is a CISCO 1841 router that sends WAN line to the RV042. (CISCO 1841  is an ATT managed router, which means I don't have access to it). RV042 works as a DHCP server for Win 2003 server with active directory.

I even directly single-connected RV042 to our Win 2003 server, and tried telnet -> open 192.168.1.1 in CMD, but connection fails. I first need to enable 5631 for pcAnywhere and eventually 443 for quickVPN as soon as possible. I don't understand why port 5631 which had been working for years stopped working suddenly. Would the new IP address or DNS from T1 be a source of the problem?
Any comment would be welcomed. Thanks.
0
ychousa
Asked:
ychousa
  • 8
  • 6
1 Solution
 
rowansmithCommented:
So do you have this:

Internet <-> T1 <-> Cisco 1841 <-> Ethernet <-> RV042 <-> LAN

If so, what is the IP address that your 1841 is assigned by your ISP?  What IP Address does your RV042 get?

When you visit whatismyip.com from a device on the Internal LAN what IP Address does it show?  The one on the Cisco 1841 or the one on the RV042?

-Rowan
0
 
ychousaAuthor Commented:
Hi. The IP address is the one that is on RV042. The serial IP on 1841 is a totally different one. I can ping the 2 IPs successfully.
0
 
rowansmithCommented:
Do you have an ethernet connection between the 1841 and the Rv042?

It sounds to me like your Cisco1841 is not configured to route packets to the Rv042.

Could you please post the config for the 1841?
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
ychousaAuthor Commented:
That was what I had thought until I directly connected RV042 to Win 2003 server without internet and 1841, which turned out to be no success. By "No success," I mean telnet -> open 192.168.1.1 -> connection failed - I'm not an expert, so I assume I can say "no success" with that result. If I'm wrong or if there's another way to test, please let me know.

As I said, I don't have access to 1841-it's all managed by ATT(Service provider), so I can't post config for 1841.
0
 
rowansmithCommented:
Why would you be telnetting to 192.168.1.1?  That is not the address you would be telnetting to from the Internet is it?

Is your connection between the 1841 and the RV042 Ethernet?
NB: This is important please answer this time as it give me some direction to troubleshoot.

On a side note you can get the config out of the 1841 if you have a console cable, we can go over this later if we want to isolate the problem to the 1841 so that you can tell your provider what you need changed on the 1841...
0
 
ychousaAuthor Commented:
Yes, it's CAT5 ethernet. And telnetting to the WAN address on RV042 or 1841 doesn't work.
0
 
rowansmithCommented:
Ok, you need to do some network analysis on the ethernet segment between the RV042 and the 1841.

To do this you need to dig out an old Hub from somewhere and put this in line so you have:

Cisco 1841 <-- Hub --> RV042

Now you need to get another computer and attach this to the Hub.  On that computer you need to install Wireshark (www.wireshark.org).

Run Wire shark and set it to capture packets on the Ethernet interface.  Then from some remote location attempt to make a connection to your network on the appropriate ports and IP address.  If the traffic is getting past the 1841 then you will see it on the wire and you'll know it is the RV042 that has the probelm, if it is not getting past the 1841 then you will see nothing.

Make sure you use a Hub and NOT a switch.

-Rowan
0
 
rowansmithCommented:
The alternative is that I explain to you how to take the 1841 off line and extract the config from it.  Your provider will never even know .. they will just know that your box has gone offline while it is disconnected from their network....

then we can make sure that it is configured to pass the traffic inbound.
0
 
ychousaAuthor Commented:
Hmm.. this might sound silly, but I honestly don't know the difference between a hub and a switch :-) Still, I belive all I have is switch. That makes me choose the second option, right? Could you explain more detail about the second option? Can I use Win 2003 server for testing connection?
0
 
rowansmithCommented:
Can you make one of these?

http://www.snort.org/docs/tap/

Failing that, you need to attach a console cable to the Cisco as a first step and set your console to 8N1 9600bps
0
 
rowansmithCommented:
If it says switch on the front of it then it is almost certainly not a Hub.  If it does Full Duplex then it is a switch.

You can use a good quality switch - such as a Cisco switch which can support port mirroring?  ... do you have one of these?
0
 
ychousaAuthor Commented:
Hi, rowansmith. I've managed to fix port 3389 and 5631. I don't know what went wrong, but combination of several tries such as reset, rebooting, and changing forwarding options has fixed it, EXCEPT port 443 for quickVPN. That port is still not open, and I think I need to focus specifically on that port.

[Quote/]**********************************************
Can you make one of these?

http://www.snort.org/docs/tap/

Failing that, you need to attach a console cable to the Cisco as a first step and set your console to 8N1 9600bps
*****************************************************[/Quote]
Sorry, but I don't think I can make it. I honestly don't understand your last sentence, either. If it's OK to use a switch instead of a hub, then I'll probably go for the first option, though I'm not sure if the problem of quickVPN is from the port 443 issue. Because it seems there are lots of issues with Linksys quickVPN connection.
0
 
rowansmithCommented:
Dosn't sound like it anymore, I would start looking at the configuration on your Linksys, is it the same as the other settings?
0
 
ychousaAuthor Commented:
Hi, rowansmith. I couldn't have time yesterday due to an emergency. Even though you haven't had a chance to completely resolve the problem, I will give you the total points for your time and effort. I think configuring Linksys VPN is a different subject, so I will post any question later on. Once again, thank you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

  • 8
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now