best router that is configurable for port forwarding?

Bobby
Bobby used Ask the Experts™
on
I have Charter Spectrum service here in western Oregon. I need port 9000 to be open to the internet on my pc, because we set up debugging on our remote web server and it needs to get through 9000 on my pc so it can talk to my Netbeans IDE. The Spectrum tech has no idea how to set that up. Ive tried in the router they gave me, a Sagemcom Fast 5260, but the port forwarding rule I set up just will not work. So, Im thinking about getting a better router than the cheapie they gave me. What's the best router available that will allow port forwarding?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Although not a long term solution for security issues, instead of port forwarding (just to validate) try using DMZ instaed...

Also, make sure your firewall in the PC has that port open as well!

AFter that is all validated and working, you can investigate your port forwarding issues...

Author

Commented:
No firewall active on pc, AV is off for testing. I just tried what you said, DMZ, opened my device address 192.168.1.77 to internet... when i try a check via https://www.yougetsignal.com/tools/open-ports/ to see if port 9000 is open to my public-facing ipv4 address, it now comes back very quickly saying it is not open. Before I set the DMZ settings it took a few seconds to come back with same result. What is that telling me?

Author

Commented:
ok, more... I tried checking the port with a tool called PFPortChecker... unlike that link above, it DOES show that the port is open after I set the DMZ to open. If I disable the DMZ setting, it shows the port as not being open. If I enable the DMZ again, it shows the port as open. So, the DMZ setting is definitely allowing port 900 (and all others??) to be open on my pc and then blocking it if I disable the DMZ.

Now what? All of the above was tested after I disabled the port forward rule I created before. That rule seems to have no affect either way on any of this.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
and more... using that link above, I tested 3389 remote desktop port... with DMZ enabled, it shows open. With DMZ disabled, it shows closed. So, that tool at that link is definitely getting to my network, but no idea why it shows port 9000 closed no matter which way the DMZ is set.
DMZ is working as designed and forwarding ALL ports to your PC...

Port 900? 9000? is obviously blocked either by a firewall in your PC or by not having an active listener on that port!

Author

Commented:
You are helping greatly! Based on what you said, I opened up my Netbeans IDE and hit "debug", which makes it listen on 9000. Using the link above, with DMZ on, 9000 is open! If I close DMZ, it's not open (same thing if I stop "debug" in my IDE, so it's not listening anymore).

Ok, so... we now know that 9000 will open all the way to my IDE, which is the goal of all this. Great. Now I just need to get DMZ out of the loop so my pc isn't wide open to the world.

Suggestions?

Author

Commented:
So I enabled my AV and turned on Windows firewall to default settings... port 9000 was blocked. I created a custom inbound rule to open TCP on 9000, and now it shows as open. So, with AV on and Windows firewall on (with the customer inbound rule for that one port) everything works as I need it.

But...

That can't be safe enough, eh? To leave my PC open on the DMZ and then just rely on AV and Windows firewall to protect me?
Now that we have established connectivity, you can try doing Just the port forwarding on the appropriate port and turning off the DMZ...
Most Valuable Expert 2013
Commented:
Just in case, do you try this page for directions?
https://portforward.com/sagemcom/fast-5260/

Author

Commented:
You both helped with those last two comments... I re-enabled the port forwarding rule I created yesterday, then turned off the DMZ. Port 9000 was closed. Then I looked at the instructions in the link MASQ sent, and I saw one variation that I didnt do yesterday... the external host needed to be set to Any (*) and not my public facing ipv4 address. Now, Port 9000 is open with the DMZ off.

BUT

Is it safe to have the external host set to Any (*) instead of my own public ip address? Maybe I have no choice.
If your remote server that needs access has a static ip, you can try restricting access to just that ip...

But I wouldn't be overly concerned...
Most Valuable Expert 2013

Commented:
This setting is your public IP, it looks like the router also allows you to define the external IP.  There's no additional risk, external connections still cannot see beyond the public side of your router other than by the forwarded path that's configured.

Author

Commented:
You both rock. Thanks so very much.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial