Port forwarding problem


vesterscott <vesterscott@...>
 

I'm on Bellsouth DSL, with a Homeportal 1100 2-Wire modem and
Linksys WRK54G router (yes, it has with the latest firmware). Node
is 4065. The Linux box has static IP 192.168.1.50, and the Linksys
router is on DHCP.

Rx connect and incoming appear to be working well, but the node does
not respond to incoming. Pinging locally and outside works okay.

troubleshoot-irlp says all is well, except for the fact that ports
2074-2093 and 15425-15427 are not being forwarded correctly. The
only place I could find in the Linksys router configuration that
involved port range forwarding was under "Applications and Gaming",
so I entered these ports there, plus 192.168.1.50, for both TCP and
UDP, and checked the "enabled" boxes. Rebooted the Windows desktop
and the Linux box and re-ran ./scripts/troubleshoot-irlp...but got
the same port forwarding error.

H e l p......

73,

Vester N8EKA


Richard Cook <w2rac@...>
 

With some of the DSL modems, they block ports themselves.
Check the software and see if the modem is doing the blocking.
Like the router the modem can do this.
Try plugging the IRLP box directly into the modem and run the trouble shoot script, If the same error then you have it.
I have bellsouth DSL here and my older RJ45 only modem does not do this.


vesterscott <vesterscott@bellsouth.net> wrote:
I'm on Bellsouth DSL, with a Homeportal 1100 2-Wire modem and
Linksys WRK54G router (yes, it has with the latest firmware). Node
is 4065. The Linux box has static IP 192.168.1.50, and the Linksys
router is on DHCP.

Rx connect and incoming appear to be working well, but the node does
not respond to incoming. Pinging locally and outside works okay.

troubleshoot-irlp says all is well, except for the fact that ports
2074-2093 and 15425-15427 are not being forwarded correctly. The
only place I could find in the Linksys router configuration that
involved port range forwarding was under "Applications and Gaming",
so I entered these ports there, plus 192.168.1.50, for both TCP and
UDP, and checked the "enabled" boxes. Rebooted the Windows desktop
and the Linux box and re-ran ./scripts/troubleshoot-irlp...but got
the same port forwarding error.

H e l p......

73,

Vester N8EKA






--- IRLP-Owners YahooGroups List ---


Yahoo! Groups SponsorADVERTISEMENT


---------------------------------
Yahoo! Groups Links

To visit your group on the web, go to:
http://groups.yahoo.com/group/irlp/

To unsubscribe from this group, send an email to:
irlp-unsubscribe@yahoogroups.com

Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.



73's
Richard Cook
W2RAC
Port Orange, FL
446.950 tone127.3
IRLP Node 4053
www.IRLP.net
EchoIRLP Node 40531
www.echolink.org










---------------------------------
Do you Yahoo!?
Read only the mail you want - Yahoo! Mail SpamGuard.


David Cameron - IRLP
 

I have bellsouth DSL here and my older RJ45 only modem does not do
this.

You can also sometimes determine if a modem is performing Network
Address Translation (NAT) by looking at the WAN IP address in the
Linksys.

If it is of the form with:

192.168.X.X
10.X.X.X
172.16.X.X

Then there is something doing "NAT" before your box, and the ports
will not forward. I know of other people that have had to login to
their modems and set it to "bridge" mode.

Dave Cameron


vesterscott <vesterscott@...>
 

Tnx, but that disconnected the Linux box completely from the outside
world. Couldn't believe what I was seeing. Tried it twice.
troubleshoot-irlp went down in flames. Weird.

73,

Vester N8EKA

--- In irlp@yahoogroups.com, Richard Cook <w2rac@y...> wrote:
With some of the DSL modems, they block ports themselves.
Check the software and see if the modem is doing the blocking.
Like the router the modem can do this.
Try plugging the IRLP box directly into the modem and run the
trouble shoot script, If the same error then you have it.
I have bellsouth DSL here and my older RJ45 only modem does not do
this.


vesterscott <vesterscott@b...> wrote:
I'm on Bellsouth DSL, with a Homeportal 1100 2-Wire modem and
Linksys WRK54G router (yes, it has with the latest firmware). Node
is 4065. The Linux box has static IP 192.168.1.50, and the Linksys
router is on DHCP.

Rx connect and incoming appear to be working well, but the node
does
not respond to incoming. Pinging locally and outside works okay.

troubleshoot-irlp says all is well, except for the fact that ports
2074-2093 and 15425-15427 are not being forwarded correctly. The
only place I could find in the Linksys router configuration that
involved port range forwarding was under "Applications and
Gaming",
so I entered these ports there, plus 192.168.1.50, for both TCP
and
UDP, and checked the "enabled" boxes. Rebooted the Windows desktop
and the Linux box and re-ran ./scripts/troubleshoot-irlp...but got
the same port forwarding error.

H e l p......

73,

Vester N8EKA






--- IRLP-Owners YahooGroups List ---


Yahoo! Groups SponsorADVERTISEMENT


---------------------------------
Yahoo! Groups Links

To visit your group on the web, go to:
http://groups.yahoo.com/group/irlp/

To unsubscribe from this group, send an email to:
irlp-unsubscribe@yahoogroups.com

Your use of Yahoo! Groups is subject to the Yahoo! Terms of
Service.



73's
Richard Cook
W2RAC
Port Orange, FL
446.950 tone127.3
IRLP Node 4053
www.IRLP.net
EchoIRLP Node 40531
www.echolink.org










---------------------------------
Do you Yahoo!?
Read only the mail you want - Yahoo! Mail SpamGuard.


vesterscott <vesterscott@...>
 

Yep, the Linksys router's "intenet IP address" is 172.16.1.34. Is
this the smoking gun, then?

I haven't found any hooks yet for getting the HomePortal 1100 2Wire
modem into "bridge" mode, But I'll give it another try.

73,

Vester N8EKA

--- In irlp@yahoogroups.com, "ve7ltd" <dcameron@i...> wrote:

I have bellsouth DSL here and my older RJ45 only modem does not
do
this.

You can also sometimes determine if a modem is performing Network
Address Translation (NAT) by looking at the WAN IP address in the
Linksys.

If it is of the form with:

192.168.X.X
10.X.X.X
172.16.X.X

Then there is something doing "NAT" before your box, and the ports
will not forward. I know of other people that have had to login to
their modems and set it to "bridge" mode.

Dave Cameron


Dave Gingrich <gingrich2@...>
 

On Thu, September 23, 2004 2:05 pm, vesterscott said:
Tnx, but that disconnected the Linux box completely from the outside
world. Couldn't believe what I was seeing. Tried it twice.
troubleshoot-irlp went down in flames. Weird.
After you switched to bridged mode, did you reboot the Linksys?

-Dave K9DC


David Cameron - IRLP
 

In doing a google search for

"homeportal 1100 2wire bridging"

I obtained the following info:

http://www.dslreports.com/faq/10495

Go to ยปhttp://homeportal/management
Click on Configure Services
Uncheck Enable Routing
Click Submit

The problem here is this:

1) Your wireless access point in the homeportal will no longer
perform and firewall or NAT for the wireless adapter. In other words,
it may end up being useless.

2) To reconfigure the router again, you will have to set a manual IP
address into the connected computer or router to reconfigure things.

3) You will have to use PPPoE on the router. I hope you have the
login information for your ISP :)

I am not an expert in the field, but it seems that these DSL
modem/wireless router/wired router are becoming very common.

I think a better way may be to see if there is a DMZ in the
homeportal, and then set that to the IP of the Linksys. Then you
should be able to forward ports to your heart's content.

I have yet to do searches on the capabilities of the firewall in the
homeportal.

Dave



--- In irlp@yahoogroups.com, "vesterscott" <vesterscott@b...> wrote:
Yep, the Linksys router's "intenet IP address" is 172.16.1.34. Is
this the smoking gun, then?

I haven't found any hooks yet for getting the HomePortal 1100 2Wire
modem into "bridge" mode, But I'll give it another try.

73,

Vester N8EKA

--- In irlp@yahoogroups.com, "ve7ltd" <dcameron@i...> wrote:

I have bellsouth DSL here and my older RJ45 only modem does not
do
this.

You can also sometimes determine if a modem is performing Network
Address Translation (NAT) by looking at the WAN IP address in the
Linksys.

If it is of the form with:

192.168.X.X
10.X.X.X
172.16.X.X

Then there is something doing "NAT" before your box, and the
ports
will not forward. I know of other people that have had to login
to
their modems and set it to "bridge" mode.

Dave Cameron


David Cameron - IRLP
 

The more I look at this, the more I think you should just do the
following:

1) Return your linksys, and just buy a SWITCH, not a router

2) If you dont want to return your linksys, plug the cable from the
DSL modem into one of the 4 ports of the switch. Then your computers
will be assigned 172.16.X.X addresses, and you will only have one
firewall.

3) Assign the IRLP computer a static IP address of 172.16.1.100
netmask 255.255.0.0 gateway 172.16.1.1
( verify that the netmask and gateway are the same as what is
currntly on the "internet IP of the linksys)

Do this by typing (as root)
netconfig

4) Follow the directions from the portforward.com site for forwarding
the IRLP ports. The internal IP will be 172.16.1.100.
http://www.portforward.com/2wire/1000hw-portforwarding.htm


The idea is that the DSL modem already has the router and firewall in
it, all you have to do is use it. By adding the linksys to the chain,
you are using two routers in series, which works OK in principle, but
is a functionally sound as wearing two pairs of sunglasses.

Hope this makes some sense....

Dave Cameron


Butch Bussen
 

I had a similar problem here with sprint dsl. I called tech support and had them talk me through setting the modem up as a bridge. I then set the router to log in and also set keep alive for 30 seconds or so to help maintain same ip address. You then just have to set up port forwarding in the router. Works great. I have the irlp box, two desktops, and wireless to the laptop.

73s
Butch Bussen
wa0vjr

On Thu, 23 Sep 2004, ve7ltd wrote:


The more I look at this, the more I think you should just do the
following:

1) Return your linksys, and just buy a SWITCH, not a router

2) If you dont want to return your linksys, plug the cable from the
DSL modem into one of the 4 ports of the switch. Then your computers
will be assigned 172.16.X.X addresses, and you will only have one
firewall.

3) Assign the IRLP computer a static IP address of 172.16.1.100
netmask 255.255.0.0 gateway 172.16.1.1
( verify that the netmask and gateway are the same as what is
currntly on the "internet IP of the linksys)

Do this by typing (as root)
netconfig

4) Follow the directions from the portforward.com site for forwarding
the IRLP ports. The internal IP will be 172.16.1.100.
http://www.portforward.com/2wire/1000hw-portforwarding.htm


The idea is that the DSL modem already has the router and firewall in
it, all you have to do is use it. By adding the linksys to the chain,
you are using two routers in series, which works OK in principle, but
is a functionally sound as wearing two pairs of sunglasses.

Hope this makes some sense....

Dave Cameron





--- IRLP-Owners YahooGroups List ---
Yahoo! Groups Links







Nate Duehr <nate@...>
 

vesterscott wrote:

Yep, the Linksys router's "intenet IP address" is 172.16.1.34. Is this the smoking gun, then?

Yes.

I haven't found any hooks yet for getting the HomePortal 1100 2Wire modem into "bridge" mode, But I'll give it another try.
I think I found it in an advanced screen on a different 2Wire device. There's also the possibility that BellSouth has turned off this feature in the device, those 2Wire units are quite smart, but also very controllable by the ISP.

73,

Vester N8EKA
Dave's question about whether or not you rebooted the Linksys is accurate but it may be more complex than that.

Last time I worked on a BellSouth DSL using the 2Wire units, the 2Wire unit was routing to them via PPPoE.

The alternate configuration you'd need in that case, is to put the 2Wire device into a Bridged mode (or have the ISP do it, if it's not possible to do it in the unit) and then configure the Linksys to do the PPPoE. You have two routers doing the same job, and you need to make one "transparent". Google searches for "port forwarding + 2Wire + BellSouth" turned up a bunch of folks who'd done it, if I remember correctly -- and that was almost 2 years ago, so the memory is fuzzy.

In addition, once you do this the little taskbar tool that 2Wire/BellSouth provides for monitoring your connection state, etc... will break. Because the 2Wire device in Bridged mode will not have an IP address on the network and will "disappear".

I had to set this up for family who wanted a wireless router and didn't want to pay BellSouth $200 for their 2Wire device that had 802.11b built-in when they could get a D-Link for $40 with a $20 rebate. I hear that for a while after that BellSouth offered the wired/wireless 2Wire devices for free during installation after they saw that people were adding on wireless routers and then calling their tech support and costing them a lot of time.

Some other possible gotchas:
- BellSouth may have switched to using private-side addresses to some customers. Look in your 2Wire device and see if the external interface is one of those address ranges Dave C. mentioned. If it is... you don't have an Internet-routable address being delivered to your house, and no machine on the Internet will ever be able to get to yours. I can't remember if BellSouth allows/charges for routable static IP addresses, but most large providers do. One way they can "enforce" that is by using non-routable addresses for customers not on statics. There's no way to know from here, but looking at the external IP of your 2Wire device will tell the story.

- Do you need the Linksys router? You currently have a network that looks like :

ISP Router --> 2Wire Router --> Linksys Router --> Local LAN

You have an extra unnecessary router in there unless there's some feature the Linksys is doing that the 2Wire doesn't.

Hope that helps... let us know what you find.

Nate WY0X