• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 546
  • Last Modified:

Why can I not access this IP and Port from outside?

Hello Experts,

On my router, I have configured 'Apps and Gaming', 'Single Port Forwarding' to: External Port= 25565, Internal Port= 25565, Protocol= Both, Device IP#=, Enabled= true.

I am able to telnet from my LAN, 25565, but unable to access it from outside (looked up .141 external IP address). Any ideas why?

below are my iptables rules:
[root@localhost minecraft]# /sbin/iptables -L -n -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     udp  --  *      *             state NEW udp dpt:25565 
   31  1592 ACCEPT     tcp  --  *      *             state NEW tcp dpt:25565 
 248K   18M RH-Firewall-1-INPUT  all  --  *      *             

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RH-Firewall-1-INPUT  all  --  *      *             

Chain OUTPUT (policy ACCEPT 227K packets, 52M bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain RH-Firewall-1-INPUT (2 references)
 pkts bytes target     prot opt in     out     source               destination         
   48  6835 ACCEPT     all  --  lo     *             
   23  1900 ACCEPT     icmp --  *      *             icmp type 255 
    0     0 ACCEPT     esp  --  *      *             
    0     0 ACCEPT     ah   --  *      *             
 5990  679K ACCEPT     udp  --  *      *           udp dpt:5353 
    0     0 ACCEPT     udp  --  *      *             udp dpt:631 
    0     0 ACCEPT     tcp  --  *      *             tcp dpt:631 
 210K   14M ACCEPT     all  --  *      *             state RELATED,ESTABLISHED 
    0     0 ACCEPT     tcp  --  *      *             state NEW tcp dpt:21 
    0     0 ACCEPT     tcp  --  *      *             state NEW tcp dpt:22 
27773 2171K ACCEPT     udp  --  *      *             state NEW udp dpt:137 
 1070  251K ACCEPT     udp  --  *      *             state NEW udp dpt:138 
    0     0 ACCEPT     tcp  --  *      *             state NEW tcp dpt:139 
    0     0 ACCEPT     tcp  --  *      *             state NEW tcp dpt:445 
 2748  884K REJECT     all  --  *      *             reject-with icmp-host-prohibited 

Open in new window

to look up this box, .141, IP address, I went to www.ipchicken.com.
then used the address to test if I could access the box by trying to telnet to it via 25565...

telnet ok via LAN.
telnet not ok outside LAN...

any ideas?
thx for your help...

  • 7
  • 5
1 Solution
You must forward the port to the internal server's IP .117, not to the router's IP.
... then you can telnet from outside to the .141 address with port 25565 and you will reach the .107 machine on that port.
Lee IngallsDirector of IT/TS, Quality and FinanceCommented:
It's an internal IP that needs to forwarded to your external IP.  What IP is assigned to your router from your service provider. IP Port Forwarding...
On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

epifanio67Author Commented:
boy... I am not following...
the box I want accessible for my kids vid games is 25565
which I set for port forwarding on the route....

what should I do again? so sorry... a bit slow...

What is the external IP of your router (the one you looked up at ipchicken)?
It's certainly not! That's a private address which cannot be used in public networks.

Basically you must configure your router to forward the port 25565 to the internal IP which you want to reach (seems that's what you did), but then telnet from outside to the external IP as detected by ipchicken!
epifanio67Author Commented:
I followed that... thank you....

correct, that's what I did... but only works from inside the LAN....

my router is configured to forward the port 25565 to the internal address
I logged in to the .141 box, launched firefox and went to ipchicken.com... got the external IP....

try to telnet from outside telnet 6x.xx.xx.1xx 25565...
unable to connect...

I think we are in the same page.... but, is this what you mean?

Yes, that's what I mean.

Are you able to ping 6x.xx.xx.1xx (from a CMD box)?

And is this still your external IP? The usual dynamic addresses change at regular intervals (depending on your provider).
Your address is from a College Network, right? Are you sure that there isn't a firewall blocking external access?
epifanio67Author Commented:
thanks so much for your help....

I am unable to ping the external address 6x.xx.xx.1xx (from a CMD box)...

that's what's puzzling me... not sure why....

(no, it is not from College Network).

firewall.... hmmm....

the iptables allow traffic to flow on port 25565 (see above)
SELinux is disabled...

I also stopped iptables
/sbin/service iptables stop

and tried to ping the external address 6x.xx.xx.1xx (from a CMD box)... nothing...

any other tests you may suggest?

Thanks again ....
iptables is an internal thing which is not related to your router's accessibility from the outside world.

Try to ping some well known IP like (a public DNS server).

If this succeeds then the external network where your router is in is actually isolated from external access, one way or the other, and I think you will have to ask your network provider (NETnet?) what's it all about!
epifanio67Author Commented:
thank you....

ping ok public DNS servers

ping yahoo.com ok
ping ok

It might well be that the network admins blocked access from the outside world to that subnet (which has nothing to do with accessing the outside world from it, by the way).
epifanio67Author Commented:
thank you so much for your help....

you are right, the network is isolated from external access.... I guess to keep people from hosting their own server :-)

Thanks again... good lesson...
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

  • 7
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now