Port Forwarding. Introduction. Port forwarding can be a very complex topic.

Similar documents
Port Forwarding or Network Address Translation (NAT) Introduction

Port Forwarding or Network Address Translation (NAT) Introduction

Port Forwarding & Case Study

Port Forwarding & Case Study

Port Forwarding & Case Study

Internet light troubleshooting

UIP1869V User Interface Guide

screenshots from it. Then once you have sent them to me, I do the rest & make recommendations to help sort the problem.

NETWORK SET UP GUIDE FOR

Quick Installation Guide


Powerline Adapters & Wireless Extenders

D-Link DSL-3782 Router. Introduction. This router will run TT own firmware, you cannot load the D-Link firmware.

Internet light troubleshooting

Networking Fundamentals. An Introduction to Networks. tel: +44 (0) fax: +44 (0) web:

Firewall. Access Control, Port Forwarding, Custom NAT and Packet Filtering. Applies to the xrd and ADSL Range. APPLICATION NOTE: AN-005-WUK

Quick Network Setup Guide

KACCTV4CHA Networking Guide

1) Introduction ) Network Overview ) Port Forwarding Notes... What is Port Forwarding?.. Port Forwarding through Two Routers...

Broadband Router DC-202. User's Guide

AN DrayTek - DMZ - ISP router

Sparsh DDNS Management System

LevelOne Broadband Routers

User Manual DIR-850L. Wireless AC1200 Dual Band Gigabit Router.

Wireless-G Router User s Guide

BASICS OF PORT FORWARDING ON A ROUTER

Homepage. My Internet Connection No internet access, unstable or slow connection or unable to browse.

A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 8 Networking Essentials

I m InTouch Installation Guide for the DSL/Cable environment with a Linksys router Models: BEFSRU31, BEFSR41 V.2, BEFSR11

UKNova s Getting Connectable Guide

Multi-Function Wireless A/P Router User s Guide

Chapter 4 Advanced Settings and Features

[Pick the date] DS-300 Configuration Guide v 5.7

REMOTE ACCESS DDNS CONFIGURATION MANUAL

How to Set-up Your DVR/NVR on a Network

SAGEMCOM 5355 GATEWAY

Application Rules - Allows the users to add or modify or remove Custom ruleset for firewall settings.

Port Forwarding Setup (NB7)

Introduction... 3 Package Contents... 4 VPN100 LEDs... 5 Connecting your VPN Installing USB drivers... 7

Connecting From Anywhere. without iteleport Connect

CHAPTER 7 ADVANCED ADMINISTRATION PC

Table of Contents. Cisco How NAT Works

Table of Contents. Keyspan:USB Server - User Manual

LevelOne. User's Guide. Broadband Router FBR-1402TX FBR-1403TX

ELK-IP232 INSTALLATION AND CONFIGURATION MANUAL. Ethernet to Serial Bridge /07

RX3041. User's Manual

TCP/IP CONFIGURATION 3-6

Multi-site Configuration and Installation Guide Port Forwarding Option

User Manual. AC ac Wireless Access Point/Router. Model WAC124. NETGEAR, Inc.

Quick Installation Guide

VG422R. User s Manual. Rev , 5

Network Configuration

Connecting to the NBN network

Using X-Particles with Team Render

Port Forwarding Guide

Section 3 - Configuration. Enable Auto Channel Scan:

EdgeXOS Platform QuickStart Guide

IP806GA/GB Wireless ADSL Router

A+ Guide to Hardware: Managing, Maintaining, and Troubleshooting, 5e. Chapter 10 Networking Essentials

DC-228. ADSL2+ Modem/Router. User Manual. -Annex A- Version: 1.0

power port make sure the ac adapter is plugged into the correct port Make sure to include at the beginning.

Mod o e d m e C on o f n i f gu g r u a r t a i t on o n Guide

A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 9 Networking Practices

DIGITCOM DVR System Quick installation MANUAL

Set-up for a Netgear DG834G (802.11b & g) ADSL Router with the Adpro FastTrace

Downloaded from manuals search engine

Chapter 3 LAN Configuration

Using Rumpus On Private Networks

Broadband Router. User s Manual

Sonicwall NSA240 / TZ210 Configuration Guide (Firmware: SonicOS Enhanced o & up)

User Guide. 300Mbps Wireless N USB ADSL2+ Modem Router TD-W8968 REV

Chapter 5 Advanced Configuration

2Wire IG 2700 ADSL Router. RJ45 connecting cable

Table of Contents. 1 Introduction. 2 Wireless Configurations. 3 Setting Up your LAN Administrator Station

Installing and Configuring the Voice UPB Bridge updated 1-Jan-2019

Multi-Function Wireless Router. User's Guide. Wireless Access Point Broadband Internet Access. 4-Port Switching Hub

Quick Installation Guide

Chapter 1.5 Data Transmission and Networking.

THE BASICS OF REMOTE VIDEO ACCESS. Consumer Guide. Copyright 2006 Lorex Technology Inc. English Version1.0

21000 Series Networking Guide User Manual v1.1

KX GPRS M2M I-NET. User s Guide. Version: 1.0. Date: March 17, KORTEX PSI 3 Bd Albert Camus Tel:

Router Router Microprocessor controlled traffic direction home router DSL modem Computer Enterprise routers Core routers

DSL/CABLE ROUTER with PRINT SERVER

LKR Port Broadband Router. User's Manual. Revision C

VG-422R. User s Guide

Broadband Router DC 202

AirCruiser G Wireless Router GN-BR01G

LevelOne FBR User s Manual. 1W, 4L 10/100 Mbps ADSL Router. Ver

The Administration Tab - Diagnostics

Gigaset Router / en / A31008-E105-B / cover_front_router.fm / s Be inspired

Simple Router Configuration Router Lab 10 Points Networking & Data Communications

2) INSERT THE SETUP CD

Before you Start! How to set-up Port Forwarding

CRG COCKPIT INSTRUMENTATION. Using Multiple Computers

Quick Network Setup Guide

MARQUE : REFERENCE : CODIC : NETGEAR GSS108E-100EUS NOTICE

Part # Quick-Start Guide. SpeedStream Residential Gateway 5450 Four-Port Router

Port Forwarding Setup (RTA1025W Rev2)

AT&T SD-WAN Network Based service quick start guide

USER MANUAL WI-LIGHT REMOTE APPLICATION

Transcription:

Introduction Port forwarding can be a very complex topic. TalkTalk's responsibility lies with ensuring that this facility works on their routers, they cannot be held responsible for you devices that you are trying to forward to. This document not only deals with how to configure port forwarding on most of the TalkTalk routers, but also deals with the complete end to end solution. A lot of of problems in this area are not the actual router configuration, but lay with the device on the local network that the ports are being forwarded to. These can be: application problems, personal firewall problems, or ports that need to be translated to other ports. An example of this is if you try to forward port 80, the first device to see this & react to it is the web server within your router. how the scenario is being tested. Note: you will not be able to test, or use port forwarding from a device on your network making a connection to your WAN IP address, or DDNS URL. If you did, the connection attempt would be routed out to the internet and back in again to your router. Once it comes back into your router again, it will not be forwarded to the device your port mapping rules state, but will be blocked by the router. This is known as Loop back traffic, which most routers will discard those packets as an additional security measure. If you have a Smartphone temporarily disable the Wi-Fi and turn on Mobile Data, which will enable you to test access to the device via your mobile phone network. Basic order of work required 1. 2. 3. 4. 5. Add the port forwarding rule(s) to the router Reboot the router Add the required inbound rule(s) to the firewall Launch the application Test it locally from another device connected to your router's network (i.e. a device with a 192.168.1.x address). 6. Test it with http://portchecker.co/check you will have to run it once for each port you are trying to use. and only go to step 7, if it reports ALL of the ports you have forwarded as OPEN. Bear in mind UDP ports do not work with port checking websites & will always show up as closed, even if they work OK. 7. If it works locally, but not via a port checking website, this might be down to the device in question having the wrong or no default gateway address allocated to its network adapter. This should normally be 192.168.1.1. 8. Test using other people on the internet Please see the next page for the main sections covered in this document. Page 1 of 33

Sections in this document Port forwarding on Huawei routers (not HG633 or HG635) Huawei HG633 & HG635 routers D-Link routers (prior to DSL-3780) D-Link DSL 3780 router D-Link DSL-3782 router Forwarding multiple ports Port Translation (where a port is intercepted by the router, e.g. Port 80) Windows firewall settings Test Locally Test from Internet DDNS HG633 being used as a modem & double port forwarding - complex Apple MACs running Windows applications Problems with the device you are forwarding to Page 2 of 33

on Huawei routers (& some DSL-3780s) Log in to the router & go into advanced mode. From there go to:advanced > NAT > Port Mapping Either select an existing Application, or use the Customization option. In this case the FTP Server application can be used, but the IP address (maybe 192.168.1.2) for the device hosting the FTP server will need to be added in the Internal host field:- If both external start & end ports are left at 21 this will work in passive mode OK. Page 3 of 33

Note when adding this forwarding rule you will see this box:- Click OK to that. Click Submit & reboot the router. Page 4 of 33

Huawei HG633 & HG635 routers This is quite easy to setup on this router (but your scenario and your equipment may well complicate the end to end situation greatly), but there are two concepts that are slightly different on this router compared to others: Applications these can be software programs such as an FTP Server, or the Minecraft game in server mode that run on a PC/server. They can also be stand alone devices such as CCTV cameras, or a set top box for a TV installation. Most will need to be setup individually to match your requirements, please see the section called No suitable application. Internal Host - you do not forward to a device's IP address, but you forward to a LAN Device using its MAC address. This address stays constant, even if the IP address changes. So it works well with a DHCP (automatically assigned) allocated address. This may cause problems forwarding to devices connected to some wireless extenders. This is not a fault of this router, but a problem of some wireless extenders behaving incorrectly as a bridge & not forwarding the device's MAC address in an IP packet, but substituting its own one in its place. Do not use Port Triggering, in line with most other routers, this renders the port mapping to be very intermittent at best & at worst the rule will not work at all. Note: because these routers work on identifying the device by it's MAC address, beware of devices such as IP cameras, that might have both wired & wireless connections. Each connection type will have it's own MAC address. If you initially configure the camera with a wired connection to configure it's wireless connection, then make sure you set the port mapping rule to point to the wireless MAC address & not the wired connection's MAC address. Page 5 of 33

Devices that do not appear within LAN Devices Any device that connects to the router, should appear in the LAN Devices display of the HG633/HG635, and must be shown as active. The easiest way to check if a device is active, is not be the colouring of its icon, but by setting the Status drop down to active. Then it will only show those devices that are active:- This is not a problem for basic internet use, but when it comes to port forwarding, I have found that if a device has to be manually added, ports will not be able to be forwarded to this device. This can be for several reasons, including:1. The device is not physically connected to either a LAN port, or the Wi-Fi network of the router, e.g. connected to a Wi-Fi extender. However, this should not happen if the extender behaves as a true bridge where the router sees packets coming in from the device, using the device's own MAC address as its source address. I have seen some extenders who forward the packets to the router from the device, using the MAC address of the extender, not the one belonging to the device itself. This is against the basic operation of a bridge & is the fault of the extender's design. You can get around this if the extender itself supports port forwarding, but this is very unlikely. The only other solution is to use a router that forwards to an IP address, not a MAC address. 2. This is a rare situation, but I have seen this none the less. The customer concerned misunderstood the way that DHCP IP address reservation worked. The device was configured with a static IP address on the device itself, rather than getting the address via DHCP, as well as reserving the address within DHCP. The router then sees a device connected to it that has the same IP address as it has to keep free for one of it's devices. Duplicate IP addresses on a network can cause serious problems, so I think that the router blocks the device with the same IP address & hence does not display it in LAN Devices. If you are using DHCP reserved addresses, always make sure that the device in question is still set to get its address allocated automatically from the DHCP server in the router. If a device appears in LAN Devices as an Unrecognised Device :- this might cause problems as well. Page 6 of 33

Port Mapping configuration page There are two routes to the port mapping page, either via the "Internet" tab followed by "Port Forwarding" on the left:- Alternatively click on "Home Network" and "LAN Devices" and click on one of the "Edit forwarding rules" links:- Page 7 of 33

Applying port forwarding Once in the "" configuration area, click "New port mapping":- The first thing to bear in mind is the mapping name. The next concept here is to ensure there is an entry for you desired application that is running on the device that you want to forward to. This could be an FTP Server, SNMP Server etc. This contains all of the port numbers required. There are a certain amount of these pre-configured, so click the "Application" dropdown box to see the options:- Note: this is purely an example, the chances of it meeting your requirements are just about none. You will most likely need the section called No suitable application. Page 8 of 33

So in its simplest form, the rule can be done very easily. Supposing you need to forward SNMP Traps (don't worry what these are, it is only a very simple example) to a PC connected to a LAN port on the router. This is an easy example as there is already a pre-configured application for this. All you have to do in this case is:1. 2. 3. 4. Allocate a name for this port mapping rule Select "SNMPTrap" from the "Application" dropdown box Select the desired PC to forward the traffic to from the "Internal Host" dropdown box. Reboot the router & job done! Page 9 of 33

No suitable application available In most cases there will be no suitable application existing in the "Application" dropdown box. This will require you to add your own application (e.g. Minecraft server, CCTV camera or DVR) to the port mapping application dropdown box. Before doing this you will need to know which ports need to be forwarded & ideally if they are TCP or UDP. You should be able to get this information from the vendor of the kit/software you are trying to use. Once you have added this new application, it is then automatically added to the dropdown box's list of applications. This new one is then ready for selection in the same way as the previous example. So first click the "Add port mapping application" link:- This will display the same list of applications, go down to the very bottom of the list, where an "Add port application" link will be found, click on that:- Page 10 of 33

Although there is a pre-configured application for an FTP server, this example was used to test the port forwarding functionality of this router and is used as an example here. Give the new application a suitable name, add the ports & select the protocol. If in doubt, set the protocol to "TCP/UDP":- You will now see your newly created application has been automatically added to the dropdown list of available applications:- Page 11 of 33

Now all you you have to do once back in the add new rule screen, is give the rule a name, select your new application and finally select the target device to forward traffic to. Then click the "Save" button & reboot the router:- If the required device is not listed, click the "Add device" link above, you will need to know its MAC address. Page 12 of 33

D-Link DSL routers (prior to DSL-3780) Log in to the router, then click on the Advanced tab at the top and on the left:- Try leaving the Connection as PVC0 but this could need changing to PVC1. There is no need to make any firewall changes within the router. Once the changes are complete, click Apply & then Reboot on the left. Page 13 of 33

D-Link DSL-3780 This is a bit of a weird router, in so much as some versions, once you get past the summary screens into "Advanced" mode have the Huawei "Look and feel" interface and some go into the more traditional D-Link interface. If your variant is of the "Huawei" interface and you should be able to follow my guidelines for Huawei routers. However, the vast majority of the DSL-3780 routers though have the D-Link interface, with these the port forwarding is set up under Virtual Servers. There is also talk that you have to configure the Applications section as well, but this is wrong. If the Applications are configured under the Special Application section, this makes the port forwarding operation very intermittent, often leaving the port closed when tested via various port testers such as http://portchecker.co/check. Please also note that there are a number of these preconfigured in the router, unless you really need these I would disable them at the least. First need to log in to the router, then select the edit function & setting the Special Application section above it:- Page 14 of 33

Virtual Servers Follow these instructions below taking particular notice of the interface option. This should not be left as WAN, but change it to PVC1. You can replace the Internal IP/port number with whatever ones you need. Click on the Advanced tab along the top and down the left hand side, click on Virtual Servers. The example below port forwards to an FTP server:- Page 15 of 33

Add the required rule & click the Add/Apply button. Router reboot If the router is rebooted at this point you may lose some of your settings, so go to:maintenance > System Settings > Save & reboot the device:- Page 16 of 33

DSL-3782 This is very simple to add to this router. Any problems that are encountered with the end to end solution are therefore more likely to be on the device in question, or elsewhere, not the router. Do not use Applications with the DSL-3782, that is port triggering & will render port forwarding to be unreliable at best, or not to work at all. Procedure You will need to create a static IP address for the device. This can either be done on the device itself & excluded from the DHCP IP address range on the router, or via the DHCP reservations in the router. To configure the port forwarding, go to:features > Leave the interface below to PVC1 & set the name & ports etc to match your scenario:- Note: if on fibre the interface may be set to PTM rather than PVC1 Page 17 of 33

Forwarding multiple ports This example is based on the HG633/HG635 routers. If for example you need to forward ports 9000 to 9010, as these are contiguous, so you can add them to the one application like this:- Continued on next page. Page 18 of 33

However, if you want to forward the two ports 8000 & 8500, as they are not contiguous you cannot do this. So when creating the application, do not enter the port 8000 and then click New to add 8500, this will not work. Otherwise you will end up with this, which will not work:- Continued on next page. Page 19 of 33

What you need to do is add one application per port, so you end up with two applications added (in my example Test8000 & Test8500 ) like this:- So they both now appear in the list of available applications thus:- Now use them in your port mapping rules accordingly forwarding them both to the same internal host:- Page 20 of 33

Port Translation (where a port is intercepted by the router, e.g. port 80) This mainly affects the Huawei HG633/Hg635 routers. If you have a PC for example, connected to your local network whose IP address is 192.168.1.100 which is hosting a webserver (this will use TCP port 80) and you want to access this from the internet, normal port forwarding will fail. Your webserver is expecting an incoming connection on port 80. So you make your connection attempt from the internet to:http://a.b.c.d where a.b.c.d is the external or WAN IP address of the router. However, the router's management system is also a webserver, so your connection attempt (as it is targeting port 80), will be intercepted by the router's webserver. This is why you might see the router's login screen & your connection never reaches the web server on your PC. What you need to do is choose an unused TCP port number above 1024 (for example port 8888), then create a new port forwarding rule and translate the external port 8888 to the internal port 80 (called PAT or Port Address Translation) and point this to the PC running the webserver. What you need is a rule like this:- Now test port 8888 via a port checking website & if open, then from the internet try a browser connection to:http://a.b.c.d:8888 where again a.b.c.d is your router's WAN IP address or DDNS URL. Note the colon character ":" that separates the IP address from the port number. On the HG633/635, create an application like this for it:name: Port80 External: 8888 8888 Internal: 80 80 Protocol: TCP Then use a suitable port mapping rule with this application. Page 21 of 33

Windows Firewall settings The screenshots come from Windows 7, but the procedure almost identical on later versions of Windows. Always allow the server's main.exe file if possible, rather than the ports, because in some cases with if your reason to port forward was to an FTP server (as per my case study), you may not always have control over what ports are used. Go to:- Create a new inbound rule:- Click Next in the above screen, then on this next screen browse to the program's executable file. In the case of the FileZilla Server (as per my case study), allow the server application (not the interface to the server). Please see next page. Page 22 of 33

Click Next, then on this screen tick Allow connection :- Then click next and on the next screen set as appropriate:- Page 23 of 33

Click Next again, give it a unique name & click Complete :- It will now be displayed in the list of inbound rules under the name you allocated to it. Page 24 of 33

Test Locally The next thing is to test that the client when connected to the same subnet can access the device that is being forwarded to (e.g. an FTP Server as per my case study) & make sure it all works correctly. If all is OK, then setup the port forwarding on the router. Testing from internet Note: when testing, you must have your server software running (e.g. FTP or Minecraft server software etc). Otherwise the port will always be closed. There are websites that can target your WAN IP address automatically & allow you to specify a port to check. It will report if it is open or closed. This should prove both your forwarding rule & your inbound rule within the firewall on your PC. The site I use is:http://portchecker.co/check When you visit it from a device connected to your router (wired or wi-fi), it will populate the form with your router's WAN IP address & port 80. Change the port number to the one you want to test & click the "Check" button. The example below when the FTP server forwarding rule was working correctly:- Once that is OK finally test from a PC or phone that is not connected to your router's network (wired or wireless), but has access to the internet from another broadband connection or 3G or 4G etc. Page 25 of 33

Note: most TalkTalk routers do not allow Loop Back access so you will need to access the device only from an external network when using the external internet address. You will not be able to access the external IP address from the internal IP address, when the external address is port forwarded to another local device. Most routers prevent Loop Back as an additional security measure. So if the device being forwarded to is 192.168.1.3 and the device making the test is 192.168.1.63, this device will not be able to make a test to the router's WAN IP address. If you have a Smartphone temporarily disable the WiFi and turn on Mobile Data, which will enable you to test access to the device via your mobile phone network. Alternatively you could use a wireless hot spot. As far as this case study is concerned an FTP client called FTP Cafe was run on an Android phone via the 3G network. To test from a browser (if applicable) you must specify the port number e.g. port 81:http://92.92.92.1:81 DDNS Dynamic DNS provides a domain (URL web address) for your router's WAN IP address to allow remote access to your broadband router's local network, particularly important if you use port forwarding. The problem is, if you try & access the router's network by the WAN IP address directly, this changes from time to time. DDNS keeps track of the current IP address and if you just use the domain supplied by your DDNS provider. The domain will update itself via the DDNS protocol, when the WAN IP address on the router changes. So DDNS will help you remotely access devices connected to your local router's wired or wireless connections, this could be PCs, DVR, webcam, camera system etc. However, this will also require port forwarding to have been correctly configured on the router as well. You will need to subscribe to a DDNS provider first. There are a number of free DDNS services available. Note: not all DDNS providers can be used on TalkTalk routers, for example No-IP can be used on a DSL-3750, but not on an HG633. This is not a fault of NO-IP, but is down to some of the routers only supporting certain DDNS providers. Page 26 of 33

HG633 being used as a modem & double port forwarding This topic is complex & not for the faint hearted. It can be another way of using a second router as a Wi-Fi extender as well as being a way of getting around a problem where a 3rd party router was purchased that did not include an integral ADSL/VDSL modem. This has been fully tested via an HG633 connected to a DSL-3780 router, using DDNS on the HG633. The same has also been tried successfully from an HG633 to a Netgear R7000 router which did not have an integral modem. Using an HG633 just for it's ADSL/VDSL modem is a contradiction in therm though, because it cannot be put into a modem only mode. Any router that supports true modem only mode will take the WAN IP address assigned by the network & forward this on to the router (Router B) connected to it (via that router's Fibre or EWAN port). This would mean that Router B now has the same WAN IP address assigned to it, as the modem connected to the network. The HG633 working in router mode (this is the default configuration) will supply an address on the 192.168.1.0 network to Router B, which will become that router's WAN IP address. In the scenario under test, Router B is a D-Link DSL-3780 an ethernet cable links the 3780's Fibre port to a LAN port on the HG633. There is no need to make any configuration changes to the DSL3780 other then adding a port forwarding rule (see later). However, the two routers must be on totally different IP networks to each other for this to work. The HG633 & most other domestic routers come as standard with an IP address of 192.168.1.1, hence they both use the 192.168.1.0 network. It does not matter which you change, but as all of the local devices would be connected to the DSL-3780, I would recommend leaving that on the 192.168.1.0 network and change the HG633 to use (for example) the 192.168.2.0 network. Now logic would say to set the HG633's management IP address to 192.168.2.1, but there seems to be a bug in the HG633. Although it will accept that IP address, Router B may not work correctly when connected. If the HG633s management address is set to say 192.168.2.254, then it does work fine. Log on to the HG633 and go to:home Network > LAN Interface > LAN Interface Settings:- Once done, you must reboot the HG633. Page 27 of 33

Setting this address will automatically set the DHCP IP address range to go from 192.168.2.2 to 192.168.2.253. Once initially connected, check to see the 3780 router appears in the HG633's LAN Devices (via the Home Network tab), it will initially be identified by its MAC address via an ethernet connection & be categorised as an Unrecognised device & will be in grey. Click Edit against it, give it a suitable name & set its Device Type to something like Desktop Computer (there isn't a category of Router ):- To keep things neat & tidy on the HG633, it is worthwhile reserving an IP address for the DSL3780 via the DHCP Reservation. I have used 192.168.2.253 for it, this can be set from:home Network > LAN Interface > DHCP Reservation Page 28 of 33

So this is what we have, the WAN IP address allocated to the HG633 of 1.2.3.4 is purely an example:- HG633 internet status DSL-3780 internet status Routing between routers It would seem reasonable that you might need to add a static route from the HG633 to the 192.168.1.0 network that hangs off the 3780, as well as a route back from the DSL-3780 to the HG633, but neither is required. This may be different on other routers. Page 29 of 33

Limitations To do this properly I would always recommend a pair of commercial routers, due to there greater flexibility & configuration options, but the cost of which is probably far too great to make it viable. Therefore there are some limitations that you have to live with. These mainly refer to the combination of HG633 & DSL-3780 used in this test scenario. Of course, if you use different routers to the ones I tested, you may not suffer these limitations. You cannot really compare free ISP routers to advanced 3rd party routers, this scenario is not really what the free ISP ones are designed to cope with. Despite adding static, or dynamic routes between the 192.168.1.0 & the 192.168.2.0 networks, it was not possible to route between these subnets. Neither router gives a display of the current routing table, so it is difficult to troubleshoot this. The firewalls on the routers may block web access to manage the routers from anywhere remotely, but I cannot prove this. Currently a device must be physically connected to the HG633 via LAN or Wi-Fi to manage it. The same goes for managing the DSL-3780 from the other subnet. However, this was not the case when a Netgear R7000 was used as Router B. So the routing incompatibility or firewall is not the case here, with either router being able to be managed from either subnet. Page 30 of 33

Double Port forwarding If you wish to forward some ports to a device hanging off router B, you will need to employ double port forwarding, which is more complex than standard port forwarding. What this is involves basically is that you forward the ports required in the HG633, but not direct to the local device, as that will not be seen by the HG633, but to Router B, which will appear in the list of LAN Devices. Then in Router B, you do more port forwarding to go from the incoming Fibre or EWAN port (i.e. the internet) to the local device. So if you wanted to forward TCP port 21 to an FTP server locally connected to Router B, it might have an IP address of 192.168.1.3. On the HG633 you would use something like:- The port mapping rule for it might look like this:- Page 31 of 33

Then on Router B, you would setup something like this making sure that the interface that the ports are due to be arriving on from the HG633. If using a DSL-3780 router for example, the Interface would be set to the WAN interface. The Internal IP is set to 192.168.1.3, as that is the IP address of the PC hosting the FTP server application:- Of course what this screen will look like, is dependant on the make/model of router that is being used as Router B. DDNS & the HG633 when the HG633 is used in this manner, the DDNS configuration should be applied to the HG633 only, but again other routers may be different. You can use a free DDNS provider such as DuckDDNS for this if you wish with the HG633. If you use another router in place of the HG633, they may support other free DDNS providers (of course you can always use a paid for provider as an alternative, they are generally more widely supported across router makes & models). Double port forwarding with HG633 as slave or extender With the HG633 as the extender or slave router, double port forwarding will not work. This is because there is no way to change the interface that the forwarding rules listen on. It will still be listening on the broadband/internet interface, not the LAN port. Page 32 of 33

Apple MACs running Windows applications Apple MACs for sometime now have been able to run Windows applications via the Parallels Desktop software:http://www.parallels.com/uk/products/desktop/ There are problems running certain Windows applications (e.g. Minecraft server), because these applications may not open the ports correctly when using Parallels. This will mean that port forwarding might not work, unless this is done correctly. Problems with the device you are forwarding to There can be many reasons why port forwarding fails, that are nothing to do with the configuration of the router. Some of these include:static IP addressing Where the device has a static IP address, make sure that both the default gateway and the DNS server are set to the router's IP address (normally 192.168.1.1). Default gateway wrong The device's network setting must have the default gateway setting configured to the same IP address as the router. Page 33 of 33

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback