Bookmark and Share

Recent Posts

Pages: [1] 2 3 ... 10
1
(Program) Simple Port Forwarding / Re: Port Fwd Archer C7
« Last post by trpted on Yesterday at 01:19:37 PM »
You did not tell if the IP Address is the same or not.

You are not shown forwarding the ports yet.

I provided the correct info on how to forward the ports to the DVR.

NAT is enabled for forwarding in your NAT router.

Would you like to know how to check if the ports are open in the NAT router (and not blocked by the ISP) ?
2
(Program) Simple Port Forwarding / Re: Port Fwd Archer C7
« Last post by HandyMan49 on March 28, 2017, 08:24:30 AM »
Please address the information provided in the "Port Forwarding" PDF file included with the original inquiry.

ISP 'Wavecable.com"
IPv4 Address of: 24.113.241.18
Internet connection's IP address is uniquely associated with the following
 "machine name": 24-113-241-18.wavecable.com (per GRC)

Isn't the NAT enabled for port forwarding?

Thanks MADrouin
3
(Program) Simple Port Forwarding / Re: Port Fwd Archer C7
« Last post by trpted on March 28, 2017, 07:13:47 AM »
Let us do this step by step. Starting off with pre-checks.

* Pre-check item one  *

#1 Most ISP have a TOS ( Terms Of Service )

#2 You need to find that TOS for your ISP.

#3 If your ISP does not say anything that you can not to run any servers of any kind - green light.

#4 If your ISP does not allow you to run any servers of any kind - yellow light.

-> Be sure to know the risk of running any kind of server.

-> You have to decide is worth the risk or not, based upon...

a) ..how easy you can get another ISP to serve you - for example.

b) ..how much does it cost to upgrade the type of account that you have with your ISP. Example from regular consumer to gaming or business plan.

-> Since you did not post what ISP you use or what your public IP Address is This is something that you must find.

********************** Pre-check item two  **********************

#1 Go to http://ipv4.whatismyv6.com/

#2 On that web page is the non bogan IPv4 (Public) Address that users from Internet use to connect to you.

#3 In your router, somewhere in there you must have the same non bogan IP Address.

Example non bogan IP Address is 999.888.777.666, but in the router the WAN IP is 10.0.0.100 - this is not ok.

#4 Important note: This is not to say that the non bogan IP Address has to be Static.

Example yesterday's IP Address was 999.888.777.666 and today's IP Address is 999.888.777.555 - this is ok.

#5 If you do not see the non bogan IP Address anywhere in the your router it's screens, it first matters what the WAN IP Address in the router is:

a) From 100.64.0.0 - 100.127.255.255, then CGNAT/NAT444/LSN is present.

->>

Quote

If you want more details about CGNAT/NAT444/LSN, you can look at

http://en.wikipedia.org/wiki/Carrier-grade_NAT

The possible fixes to fix your issue if CGNAT/NAT444/LSN is present.

#1 Have them in their NAT router forward the ports to the IP of your router..

#2 Upgrading the type of plan that you are on with your ISP so that you get a non bogan IP Address.

For example if you are a Residential Service Plan, consider going to a Business Service Plan.

#3 Consider switching to another ISP that can give you you a non bogan IP Address.

#4 For the long term future, get IPv6 working.


<<-

b) From 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and if your NAT router is a RJ-45 WAN port router:

Step 1: Physically find your NAT Router

Step 2: Find the WAN port of it.

Info: WAN port could be called Internet or To Modem or To ONT port.

Step 3: Report back what the brand and model of the device that is connected at the other end of the wire that is connected to the WAN port of the NAT router.

c) From 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and if your NAT router is NOT a RJ-45 WAN port router, then CGNAT/NAT444/LSN is present (See fix above if the case).

d) If from 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and if your NAT router is a gateway NAT router, it matters how it is connected to the Internet (RJ-45 WAN port or acting a modem combo).

e) If from 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and you do not know the type of NAT router yours is, it would help to know the brand and model it is - if you did not post already.

f) If the WAN IP was not any of those, it would be a good idea to check to see how the non bogan IP Address is not the same (and not NAT). If you need help finding why that is, you are to asking for help doing so.

**

-> Since you have posted what the brand and model of your router is: The type of NAT router that you have = RJ-45 WAN port NAT router.

-> Since you did not post what the WAN IPs are There is no way I can tell if they are the same or not.

************* Pre-check item three  ***************

As how to check what the IP Address is/are, Subnet Mask is/are, Default Gateway is, MAC Address(es) is/are, DNS Server(s) are of your computer, it depends on the OS and Version.

Note: This example assumes that you are on Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8 or Windows 10

#1 Press the Windows Start key to open the Start screen.

#2 Type cmd and press Enter to launch the command prompt.

Note: You do not need to click on anything on the Start screen—typing will automatically initiate a program search.

#3 Type ipconfig /all at the command prompt to check the network card settings.

#4 If not on Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8 or Windows 10 and you do not know how to check that network info - then post what is your OS and Version is.

#5 You need to make sure that the Default Gateway on your computer is the same LAN IP as your NAT router.
***

-> Since you have posted Uniden Guardian DVR network.txt  (which shows how this unit is configured) Looks good :)

*** Done with Pre-checks, doing to the next the step. ****

After going to Forwarding -> Virtual Servers -> Add New:

#1 Service Port = 8091, Internal Port = 8091, IP Address = 192.168.0.185, Protocol = TCP, Status = Enabled, press Save, press Add New then

#2 Service Port = 5000, Internal Port = 5000, IP Address = 192.168.0.185, Protocol = TCP, Status = Enabled, press Save, press Add New and finally the last rule (based upon what you are telling me - output Uniden Guardian DVR network.txt )

#3 Service Port = 5001, Internal Port = 5001, IP Address = 192.168.0.185, Protocol = TCP, Status = Enabled, and press Save
4
(Program) Simple Port Forwarding / Re: Problem spf + roter TP-link wr740N v6
« Last post by trpted on March 27, 2017, 07:35:34 PM »
While I know I could re-edit my post, this just makes it easier to read.

Last update by me, that is unless you reply...

I also sent a PM/IM to you with this info..

I point to my quote my self at my own threads at DSLR (dslreports.com). All of the replies to these threads, I am sure that you will find interesting.

#1 https://www.dslreports.com/forum/r24685492-DMZ-and-portforwarding-are-equally-dangerous

Quote
Ok, I change my mind around more.

It does not matter how a machine gets compromised, period...

That could by allowing users from the net (typically port forwarding - not usually using the DMZ), Wireless Access point is not using wireless security protection (or has been hacked), and for example spyware/malware get's downloaded onto a PC.

..All other computers are (assuming you are not cascaded NAT) at risk.

Is that what he is saying?

#2 https://www.dslreports.com/forum/r31297960-Using-DMZ-dangerous-for-a-game-console

Quote
While I know using the DMZ is dangerous, is it and how is it dangerous for a game console?

Note this does assume that the game console is correctly setup to use a Static IP and in the router is/are DMZing to the game console's Static IP.

Thank you


#3 

Quote
Considering the info that is at and for example http://www.yourownlinux.com/2013/07/how-to-configure-ubuntu-as-router.html after I were to setup a DYI NAT Router, without setting up two other NAT Routers how would I setup an untrusted LAN?

So that you can answer my question, assume the following:

etho is the NIC that that will be connected to Internet

eth1 is the NIC that will be the trusted LAN

eth2 is the NIC that will be the untrusted LAN.

[EDIT] I even see at https://rbgeek.wordpress.com/2012/05/13/change-the-network-card-name-in-ubuntu-12-04/ I could change the Name of the NICs

Thank you


#4 https://www.dslreports.com/forum/r30984220-The-Router-rumble-Ars-DIY-build-faces-better-tests-tougher-competition

Quote
Previous post/articles about this from arstechnica.com on DSLR

Numbers don't lie - it's time to build your own router

Guide to building a Linux router from scratch

Quote
Over the course of 2015, I noticed a trend. Rather than replacing routers when they literally stopped working, I increasingly needed to act earlier—swapping in new gear because an old router could no longer keep up with increasing Internet speeds available in the area. Famously around the Ars forums, this problem soon evolved into our homebrew router initiative. In January, I showed my math as a DIY-Linux router outpaced popular off-the-shelf options like the Netgear Nighthawk X6 and the Linksys N600 EA-2750. And in August, I shared the steps necessary to build one of your own.

After readers got a look at the performance charts, I got a ton of outraged "why didn't you test my favorite brand?!" comments. If you were one of those skeptics, congrats—today is your day! The Ars homebrew router special has been coaxed out of retirement to test its speeds against an entirely new lineup of gear. And to raise the stakes a bit further, the Ars team has broken out some new and improved methods that test more hardware and a couple of purpose-designed router distros. This time, we're even offering power consumption figures as well.

I found that to be an interesting read at http://arstechnica.com/gadgets/2016/09/the-router-rumble-ars-diy-build-faces-better-tests-tougher-competition/

Next up in the series is about different types of wireless NAT routers and wireless vs wired. Which should be interesting in the Networking area.


#5 https://www.dslreports.com/forum/r31322861-DYI-Linux-Distro-4-connection-sharing-vs-normal-NAT-router-entries-q

Quote
I had earlier questions that I asked in Some questions on Exploring DIY Linux Router Distros however, now I have another question.

With NAT routers there is a maximum number of entries that one could forward for.

Do software based NAT router(s) have more entries that one could forward for than a normal hardware based NAT routers?

And if so, Which software based NAT router(s) have the most number of entries one could add?

Does one have to roll one up one self (for example turning a computer that running Ubuntu Server version into acting as a NAT router) to get even more entries?

Thank you
5
(Program) Simple Port Forwarding / Port Fwd Archer C7
« Last post by HandyMan49 on March 27, 2017, 03:25:40 PM »
I'm new to port forwarding and DVR cameras.
Find enclosed screen shots and port info.
Please demonstrate all of the ports forwarded with this information for an Archer C7

Thank you,
HandyMan49
6
Misc / Re: ZTE 4G MF368 router problem blocked by MTN?
« Last post by trpted on March 17, 2017, 06:22:44 AM »
#1 Info part one

a) Go to http://ipv4.whatismyv6.com/

b) On that web page is the non bogan IPv4 (Public) Address that users from Internet use to connect to you.

c) In your router, somewhere in there you must have the same non bogan IP Address.

Example non bogan IP Address is 999.888.777.666, but in the router the WAN IP is 10.0.0.100 - this is not ok.

d) Important note: This is not to say that the non bogan IP Address has to be Static.

Example yesterday's IP Address was 999.888.777.666 and today's IP Address is 999.888.777.555 - this is ok.

#2 Info part two

As how to check what the IP Address is/are, Subnet Mask is/are, Default Gateway is, MAC Address(es) is/are, DNS Server(s) are of your computer, it depends on the OS and Version.

Note: This example assumes that you are on Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8 or Windows 10

a) Press the Windows Start key to open the Start screen.

b) Type cmd and press Enter to launch the command prompt.

Note: You do not need to click on anything on the Start screen—typing will automatically initiate a program search.

c) Type ipconfig /all at the command prompt to check the network card settings.

d) If not on Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8 or Windows 10 and you do not know how to check that network info - then post what is your OS and Version is.

e) You need to make sure that the Default Gateway on your computer is the same LAN IP as your NAT router.

#3 Info part three:

If the non bogan IP Address is not the same IP Address (keep in mind it does not have the Static), one of the reasons why that could happen is CGNAT/NAT444/LSN is present.

If you want more details about CGNAT/NAT444/LSN, you can look at

http://en.wikipedia.org/wiki/Carrier-grade_NAT

c) The possible fixes to fix your issue if CGNAT/NAT444/LSN is present.

#1 Have them in their NAT router forward the ports to the IP of your router..

#2 Upgrading the type of plan that you are on with your ISP so that you get a non bogan IP Address.

For example if you are a Residential Service Plan, consider going to a Business Service Plan.

#3 Consider switching to another ISP that can give you you a non bogan IP Address.

#4 For the long term future, get IPv6 working.
----

#4 Info part four, if manually forwarding (or wish to adjust the settings) and if asked for a remote/source IP Address it goes like this.

a) Let us say that the fictional IP Address of 999.888.777.666 existed ( I can assure it does not as IPv4 is only 0.0.0.0 to 255.255.255.255 and IPv6 is all hex with colons between ), it was mine, I did not share my connection with others (parents/son/daughter), and you wanted to only allow me to connect through your router to your computer - then it case you would type in 999.888.777.666

b) If you do not want to only allow only a certain IP Address (OR IP Address Range) to connect to you, it has to be either blank (not filled in) OR if you can not leave it blank then it has to be 0.0.0.0.

#5 Info part five:

When forwarding manually remember to forward to your local IP Address, that is unless you are trying to forward some other computer (example to Xbox)

So if you get output...

IP Address 192.168.1.6
Subnet Mask 255.255.255.0
Default Gateway 192.168.1.1
At least one DNS 192.168.1.1

-> you would forward to 192.168.1.6

#6 Info part six:

a) From DSLR (dslreports.com) -> Forums -> Broadband and Networking -> Networking -> How to know if ports are reaching my computer from outside the post by DSLR user mackey (user # 1479488) on 2015-Sep-24 at 8:05 pm - if you wanted to test port 5154, besides using an inbound client side port checker:

Quote
Run tcpdump (`tcpdump -p -n -i <interface> port 5154` would be a good command to start with). If you see incoming TCP SYN packets (not SYN/ACK), or incoming UDP packets from an IP which did not have an outgoing packet first, then the port is open.


b) For tcpdump on Windows I found this info https://uwnthesis.wordpress.com/2014/05/26/windump-how-to-use-windump-tcpdump-on-windows-7-the-visual-guide/

#7 Info part 7, after you get the ports the ports forwarded in the router:

Info - Part a)

Here are some notes about listening:

Quote

a) If you are on Windows I point you to http://www.howtogeek.com/howto/28609/how-can-i-tell-what-is-listening-on-a-tcpip-port-in-windows/

b) If you are not on Windows (Mac, Unix/Linux), go look lookup listen on port and then your OS name using Google (or your other favorite search engine).

c) If nothing is listening any TCP ports that you check with a web based port checker, then TCP ports does not show up as open.

d) Be advised that you can not have two servers listening on the same the port on the same computer. So for example before you use an inbond-client side port checker you must make sure that uTorrent is not running - which explains on http://portforward.com/softwareguides/utorrent/utorrent.htm that they say

Quote
If uTorrent is currently open, you will need to completely close it at this time. Make sure that the green uTorrent icon is not still hiding in your notification area (next to your clock). If it is, right click on it and choose "Exit". Before moving forward to things like selecting torrents, seeders, and leachers, we need to verify that your port is open. We recommend downloading our free Open Port Check Tool to test if incoming connections are being allowed through your router on your uTorrent Listening Port

e) And generally if the program/app is running that you are trying to forward for, then the server is listening.

Info - 7 Part b)

Here are some catches about ping:

a) If the server that you forwarded requires that you reply to ping, well then you must enable responding to ping in the router.

b) If the server that you forwarded does not require that you reply to ping, well that depends on another factor..

As to what that other factor is, I point to and quote the post by nwrickert (DSLR user #1070900) in DSLR (dslreports.com) Forums >Broadband Tech > Security > Security > DMZ and portforwarding are equally dangerous? on 2010-08-21 at 13:53:23.
Quote
Quote
While he tells people that responding to ping is dangerous, he replys to ping.

That's a pretty minor point. The reason some people prefer to not respond to ping, is to avoid demonstrating their presence on the net. Gibson has a public site whose presence on the net is well known, so that reason for not responding to ping simply does not apply.

While Steve Gibson does sometimes say some useful things, he mostly seems to be making mountains out of molehills

Note: Sorry for my misspelling, I meant replies.

c) There are certain troubleshooting tools that require that you reply to ping.

For example if you wanted to use the followings tool(s) at DSLR (dslreports.com) -> Tools: Smokeping, Line quality - Ping Test, and for 24x7 Line Monitoring...

#4 If the ports are open (this means not just in the router) but the program/app does not work: I have an odd feeling that with this server, you must reply to ping.

Info - 7 Part c:

You must provide to users from the outside either your non bogan IP Address or DDNS.

What DNS is, here is the simple as possible version as how it works.

Quote
I know of a given domain name. What is their IP Address for that domain?

The first D in DDNS means/allows you to have a domain name the follows your non static non bogan IP Address. Which is a lot easier to provide and normally most people use DNS over the IP Address for the content servers that they want to connect to.. ;)

Info - 7 part d:

If you do not see the non bogan IP Address anywhere in the your router it's screens, it first matters what the WAN IP Address in the router is:

a) From 100.64.0.0 - 100.127.255.255, then CGNAT/NAT444/LSN is present (See fix above if the case).

b) From 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and if your NAT router is a RJ-45 WAN port router:

Step 1: Physically find your NAT Router

Step 2: Find the WAN port of it.

Info: WAN port could be called Internet or To Modem or To ONT port.

Step 3: Report back what the brand and model of the device that is connected at the other end of the wire that is connected to the WAN port of the NAT router.

c) From 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and if your NAT router is NOT a RJ-45 WAN port router, then CGNAT/NAT444/LSN is present (See fix above if the case).

d) If from 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and if your NAT router is a gateway NAT router, it matters how it is connected to the Internet (RJ-45 WAN port or acting a modem combo).

e) If from 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and you do not know the type of NAT router yours is, it would help to know the brand and model it is - if you did not post already. Since you have, I will see what I can find out about your NAT router.

f) If the WAN IP was not any of those, it would be a good idea to check to see how the non bogan IP Address is not the same (and not NAT). If you need help finding why that is, you are to asking for help doing so.

**

[EDIT] #1 Added Gateway NAT router

#2 The type of NAT router that you have = Gateway type of NAT router.
7
(Program) Simple Port Forwarding / Re: Problem spf + roter TP-link wr740N v6
« Last post by trpted on March 17, 2017, 05:46:08 AM »
In the mean time as I wait your reply, I will give more two cents.

* Issue one *

There is always a trade off.

You could use enable UPnP in the NAT router and not forward manually, however that has problems/issues.

a) If UPnP is enabled in the router

b) If an user has UPnP turned on, on their computer (Windows) / system (Xbox)

c) If an user has UPnP allowed by their software firewall on their computer.

d) and if an user has an UPnP aware app (for example uTorrent) on their computer.

Then the user could open port(s) in the router without knowing the router's control log-in!

If you find a server that you want to forward for is not UPnP aware, then I point you to

http://www.howtogeek.com/122227/how-to-quickly-forward-ports-on-your-router-from-a-desktop-application/

With info about: UPnP Port Mapper.

* Issue two *

While I know that you are trying to forward for games, I will assume something for the purpose of explaining.

Let us assume that you were forwarding for the web server Apache too.

As noted at both http://www.pcwintech.com/application-ports and https://portforward.com/ports.htm they tell you that you need to forward both TCP 80 and TCP 443.

While they tell you that, that info that they told (or are telling) you is not quite true.

a) By default it only listens on port 80.

b) Not only can an user change the port(s) that it uses, SSL is disabled by default.

A simple Google (or other online search engine) search for Apache enable ssl shows this. As well as a search for change Apache default ports

So slight tiny correction for that app/program:

Apache = User Specified Ports. Default TCP port 80 and 443 disabled by default.

While I understand that Apache is cross platform (not limited to Windows only) and that you can forward to another computer, kind of odd/strange if forwarding to one self if you use either one of those two port forwarding programs, it/they do not check what port(s) that Apache is setup to use.

-
8
Misc / ZTE 4G MF368 router problem blocked by MTN?
« Last post by Pat Collocott on March 17, 2017, 02:08:31 AM »
Hi
My PARADOX INSTALLER has informed me that everything has been done correctly to make the paradox app work

It works at home no problem and I can set alarm and do bypass etc

As soon as I am 500 m away from home the app will not work

My Paradox Installer tells me that MTN who supplied the router to my son a few years ago have locked the router so that it cannot accept from outside

So what happens is that I can receive alarm messages from my alarm but I cannot use the app on my Samsung to go into the alarm to see what alarm triggered and reset it after talking to the neighbours

Sorry for long intr but I am not TECH Savvy and explain it the best I can

Can anyone help me or put me in contact with a MTN Guru?
thank you
Pat Collocott
9
(Program) Simple Port Forwarding / Re: Problem spf + roter TP-link wr740N v6
« Last post by trpted on March 10, 2017, 11:38:22 AM »
Ok.

#1 When you are playing these games, what platform are you playing on?

a) Standard Normal Computer (IBM compatible OR Mac/Apple) ?

b) Game Console (Xbox, PlayStation)

#2 If playing on a game console, do you have only one game console OR do you have at least two game consoles?

Note for two game consoles: That includes game consoles owned by others behind this same NAT router (even a friend who brings his/her own, uses theirs own and then brings theirs back home)
10
(Program) Simple Port Forwarding / Re: Problem spf + roter TP-link wr740N v6
« Last post by lucianoxplod on March 10, 2017, 08:36:39 AM »
I play only one game at a time, but several games in one day. If I were to do the port forward process manually I would lose several and several minutes with it. So I've been using spf for a couple of years to automate this function. When I'm playing call of duty, for example, with one click I
open all the necessary ports.
Pages: [1] 2 3 ... 10