Bookmark and Share

Author Topic: Port Fwd Archer C7  (Read 8992 times)

0 Members and 1 Guest are viewing this topic.

Offline HandyMan49

  • PcWinTech Member
  • *
  • Join Date: Mar 2017
  • Posts: 6
  • Karma: 0
Port Fwd Archer C7
« on: March 27, 2017, 03:25:40 PM »
I'm new to port forwarding and DVR cameras.
Find enclosed screen shots and port info.
Please demonstrate all of the ports forwarded with this information for an Archer C7

Thank you,
HandyMan49

PcWinTech.com Forums

Port Fwd Archer C7
« on: March 27, 2017, 03:25:40 PM »

Offline trpted

  • PcWinTech Guru
  • ******
  • Join Date: Sep 2011
  • Posts: 1,143
  • Karma: 37
Re: Port Fwd Archer C7
« Reply #1 on: March 28, 2017, 07:13:47 AM »
Let us do this step by step. Starting off with pre-checks.

* Pre-check item one  *

#1 Most ISP have a TOS ( Terms Of Service )

#2 You need to find that TOS for your ISP.

#3 If your ISP does not say anything that you can not to run any servers of any kind - green light.

#4 If your ISP does not allow you to run any servers of any kind - yellow light.

-> Be sure to know the risk of running any kind of server.

-> You have to decide is worth the risk or not, based upon...

a) ..how easy you can get another ISP to serve you - for example.

b) ..how much does it cost to upgrade the type of account that you have with your ISP. Example from regular consumer to gaming or business plan.

-> Since you did not post what ISP you use or what your public IP Address is This is something that you must find.

********************** Pre-check item two  **********************

#1 Go to http://ipv4.whatismyv6.com/

#2 On that web page is the non bogan IPv4 (Public) Address that users from Internet use to connect to you.

#3 In your router, somewhere in there you must have the same non bogan IP Address.

Example non bogan IP Address is 999.888.777.666, but in the router the WAN IP is 10.0.0.100 - this is not ok.

#4 Important note: This is not to say that the non bogan IP Address has to be Static.

Example yesterday's IP Address was 999.888.777.666 and today's IP Address is 999.888.777.555 - this is ok.

#5 If you do not see the non bogan IP Address anywhere in the your router it's screens, it first matters what the WAN IP Address in the router is:

a) From 100.64.0.0 - 100.127.255.255, then CGNAT/NAT444/LSN is present.

->>

Quote

If you want more details about CGNAT/NAT444/LSN, you can look at

http://en.wikipedia.org/wiki/Carrier-grade_NAT

The possible fixes to fix your issue if CGNAT/NAT444/LSN is present.

#1 Have them in their NAT router forward the ports to the IP of your router..

#2 Upgrading the type of plan that you are on with your ISP so that you get a non bogan IP Address.

For example if you are a Residential Service Plan, consider going to a Business Service Plan.

#3 Consider switching to another ISP that can give you you a non bogan IP Address.

#4 For the long term future, get IPv6 working.


<<-

b) From 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and if your NAT router is a RJ-45 WAN port router:

Step 1: Physically find your NAT Router

Step 2: Find the WAN port of it.

Info: WAN port could be called Internet or To Modem or To ONT port.

Step 3: Report back what the brand and model of the device that is connected at the other end of the wire that is connected to the WAN port of the NAT router.

c) From 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and if your NAT router is NOT a RJ-45 WAN port router, then CGNAT/NAT444/LSN is present (See fix above if the case).

d) If from 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and if your NAT router is a gateway NAT router, it matters how it is connected to the Internet (RJ-45 WAN port or acting a modem combo).

e) If from 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and you do not know the type of NAT router yours is, it would help to know the brand and model it is - if you did not post already.

f) If the WAN IP was not any of those, it would be a good idea to check to see how the non bogan IP Address is not the same (and not NAT). If you need help finding why that is, you are to asking for help doing so.

**

-> Since you have posted what the brand and model of your router is: The type of NAT router that you have = RJ-45 WAN port NAT router.

-> Since you did not post what the WAN IPs are There is no way I can tell if they are the same or not.

************* Pre-check item three  ***************

As how to check what the IP Address is/are, Subnet Mask is/are, Default Gateway is, MAC Address(es) is/are, DNS Server(s) are of your computer, it depends on the OS and Version.

Note: This example assumes that you are on Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8 or Windows 10

#1 Press the Windows Start key to open the Start screen.

#2 Type cmd and press Enter to launch the command prompt.

Note: You do not need to click on anything on the Start screen—typing will automatically initiate a program search.

#3 Type ipconfig /all at the command prompt to check the network card settings.

#4 If not on Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8 or Windows 10 and you do not know how to check that network info - then post what is your OS and Version is.

#5 You need to make sure that the Default Gateway on your computer is the same LAN IP as your NAT router.
***

-> Since you have posted Uniden Guardian DVR network.txt  (which shows how this unit is configured) Looks good :)

*** Done with Pre-checks, doing to the next the step. ****

After going to Forwarding -> Virtual Servers -> Add New:

#1 Service Port = 8091, Internal Port = 8091, IP Address = 192.168.0.185, Protocol = TCP, Status = Enabled, press Save, press Add New then

#2 Service Port = 5000, Internal Port = 5000, IP Address = 192.168.0.185, Protocol = TCP, Status = Enabled, press Save, press Add New and finally the last rule (based upon what you are telling me - output Uniden Guardian DVR network.txt )

#3 Service Port = 5001, Internal Port = 5001, IP Address = 192.168.0.185, Protocol = TCP, Status = Enabled, and press Save
« Last Edit: March 28, 2017, 07:20:56 AM by trpted »
Private messages (PM) are not for support questions or for hints to not yet answered topics. The PMs are basically for confident conversation between the users, off the forum.

Offline HandyMan49

  • PcWinTech Member
  • *
  • Join Date: Mar 2017
  • Posts: 6
  • Karma: 0
Re: Port Fwd Archer C7
« Reply #2 on: March 28, 2017, 08:24:30 AM »
Please address the information provided in the "Port Forwarding" PDF file included with the original inquiry.

ISP 'Wavecable.com"
IPv4 Address of: 24.113.241.18
Internet connection's IP address is uniquely associated with the following
 "machine name": 24-113-241-18.wavecable.com (per GRC)

Isn't the NAT enabled for port forwarding?

Thanks HandyMan49
« Last Edit: March 30, 2017, 07:47:51 AM by HandyMan49 »

Offline trpted

  • PcWinTech Guru
  • ******
  • Join Date: Sep 2011
  • Posts: 1,143
  • Karma: 37
Re: Port Fwd Archer C7
« Reply #3 on: March 29, 2017, 01:19:37 PM »
You did not tell if the IP Address is the same or not.

You are not shown forwarding the ports yet.

I provided the correct info on how to forward the ports to the DVR.

NAT is enabled for forwarding in your NAT router.

Would you like to know how to check if the ports are open in the NAT router (and not blocked by the ISP) ?
Private messages (PM) are not for support questions or for hints to not yet answered topics. The PMs are basically for confident conversation between the users, off the forum.

Offline HandyMan49

  • PcWinTech Member
  • *
  • Join Date: Mar 2017
  • Posts: 6
  • Karma: 0
Re: Port Fwd Archer C7
« Reply #4 on: March 30, 2017, 07:36:02 AM »
Now you have me really confused.

The WAN IP is as shown 24.113.241.18 and appears every log on to the ISP.

You have addressed the ports that are displayed at the DVR but the PDF file has additional ports referenced. Are these to be added (port 554 and Ports 37777-37778)?

Per the DVR setup screen the DDNS server is : www.no-ip.com

I haven't shown forwarding the ports, how?

Thanks for the NAT info.

The port forwarding web page provided a program to check the open ports and when I execute the request for open ports the program replies 'failed' for each one.

Thanks
HandyMan49


Offline trpted

  • PcWinTech Guru
  • ******
  • Join Date: Sep 2011
  • Posts: 1,143
  • Karma: 37
Re: Port Fwd Archer C7
« Reply #5 on: March 30, 2017, 12:56:08 PM »
#1 Ok correction to what I said above.

Quote

After going to Forwarding -> Virtual Servers -> Add New:

#1 Service Port = 8091, Internal Port = 8091, IP Address = 192.168.0.185, Protocol = TCP, Status = Enabled, press Save, press Add New

#2 Service Port = 5000, Internal Port = 5000, IP Address = 192.168.0.185, Protocol = TCP, Status = Enabled, press Save, press Add New

#3 Service Port = 5001, Internal Port = 5001, IP Address = 192.168.0.185, Protocol = TCP, Status = Enabled, and press Save, press Add New

#4 Service Port = 3777, Internal Port = 3777, IP Address = 192.168.0.185, Protocol = TCP, Status = Enabled, and press Save, press Add New and finally the last rule

#5 Service Port = 3778, Internal Port = 3778, IP Address = 192.168.0.185, Protocol = TCP, Status = Enabled, and press Save.


#2 While you did show what is Forwarding -> Virtual Servers -> Add New and Forwarding -> Virtual Servers -> Add New, you did show any forwarding rules that are Forwarding -> Virtual Servers. Showed a blank Forwarding -> Virtual Servers page other than what options you have there.

#3 For port checking there are two methods:

** Method one = download, install an inbound client port checker. **

There are two that I know about.

a) http://www.pcwintech.com/simple-port-tester

b) https://portforward.com/help/portcheck.htm

Note to use an inbound client port checker you must forward in the NAT router to your Local/LAN IP Address - otherwise it will fail.

Where portforward's only allows a single port to be checked at a time, shane's port checker allows more ports to be checked at the same time.

** Method two **

#1 From DSLR (dslreports.com) -> Forums -> Broadband and Networking -> Networking -> How to know if ports are reaching my computer from outside the post by DSLR user mackey (user # 1479488) on 2015-Sep-24 at 8:05 pm - if you wanted to test port 5154, besides using an inbound client side port checker:

Quote
Run tcpdump (`tcpdump -p -n -i <interface> port 5154` would be a good command to start with). If you see incoming TCP SYN packets (not SYN/ACK), or incoming UDP packets from an IP which did not have an outgoing packet first, then the port is open.

#2 For tcpdump on Windows I found this info https://uwnthesis.wordpress.com/2014/05/26/windump-how-to-use-windump-tcpdump-on-windows-7-the-visual-guide/

#3 For a TCP and a UDP port checker you can use http://www.base64online.com/port-check.php

#4 Using a packet sniffer (like tcpdump = command line / like wireshark = GUI) you should see the traffic from an outside IP address reaching your computer, like I did (when you are forwarding the ports to your computer).

Code: [Select]
    user-name@pc-name:~$ tcpdump -p -n -i eth0 port 5154
    tcpdump: eth0: You don't have permission to capture on that device
    (socket: Operation not permitted)
    user-name@pc-name:~$ sudo tcpdump -p -n -i eth0 port 5154
    [sudo] password for user-name:
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
    08:40:24.169428 IP 192.168.2.138.50157 > 192.168.2.255.5154: UDP, length 6
    08:42:15.839461 IP 4.79.142.206.37174 > 192.168.2.138.5154: Flags [S], seq 1464127243, win 8192, options [mss 1460], length 0
    08:49:05.773987 IP 90.145.69.116.51145 > 192.168.2.138.5154: UDP, length 0
    08:49:06.938818 IP 90.145.69.116.36530 > 192.168.2.138.5154: UDP, length 0
    08:57:57.580814 IP 198.199.98.246.42092 > 192.168.2.138.5154: Flags [S], seq 3027635480, win 14600, options [mss 1460,sackOK,TS val 4240686068 ecr 0,nop,wscale 8], length 0
    08:57:57.712334 IP 198.199.98.246.42093 > 192.168.2.138.5154: Flags [S], seq 1267700791, win 14600, options [mss 1460,sackOK,TS val 4240686102 ecr 0,nop,wscale 8], length 0
    08:57:57.840328 IP 198.199.98.246.42095 > 192.168.2.138.5154: Flags [S], seq 1515263633, win 14600, options [mss 1460,sackOK,TS val 4240686134 ecr 0,nop,wscale 8], length 0
    ^C
    7 packets captured
    7 packets received by filter
    0 packets dropped by kernel
    user-name@pc-name:~$

#5 Some notes about my testing..

a) 192.168.2.138.50157 is from this same computer.

b) As noted at grc.com -> Services -> Shield's Up they own 4.79.142.192 -thru- 4.79.142.207.

c) I believe 198.199.98.246 is from http://www.yougetsignal.com/tools/open-ports/ as it only checks TCP ports.

d) As you can see, I checked port 5154.

#6 The only UDP ports that grc.com checks, that I know of, are:

a) DNS (53) grc.com -> Freeware -> Utilities -> DNS Benchmark -> DNS Spoofability Test Introduction (or grc.com -> Services -> DNS Spoofability Test)

b) Universal Plug n'Play (UPnP) = 1900

https://www.grc.com/port_5000.htm

From grc.com -> Services -> Shield's Up: Click on Proceed and then GRC's Instant UPnP Exposure Test.
« Last Edit: March 30, 2017, 01:01:13 PM by trpted »
Private messages (PM) are not for support questions or for hints to not yet answered topics. The PMs are basically for confident conversation between the users, off the forum.

Offline HandyMan49

  • PcWinTech Member
  • *
  • Join Date: Mar 2017
  • Posts: 6
  • Karma: 0
Re: Port Fwd Archer C7
« Reply #6 on: March 31, 2017, 02:23:37 PM »
Thank you for your help and information.

I will be absorbing and applying the info you provided.
I haven't input the port info as of yet but will provide a screen shot.
I will get back with the results as soon as I can.

My schedule just received another must do issue.

HandyMan49

Offline HandyMan49

  • PcWinTech Member
  • *
  • Join Date: Mar 2017
  • Posts: 6
  • Karma: 0
Re: Port Fwd Archer C7
« Reply #7 on: April 07, 2017, 03:17:28 PM »
Thank you for your help and information.

I have provided a screen shot.
The forwarded ports seem to accomplish the required results.

Why do so many ports need to be forwarded?

HandyMan49


Offline trpted

  • PcWinTech Guru
  • ******
  • Join Date: Sep 2011
  • Posts: 1,143
  • Karma: 37
Re: Port Fwd Archer C7
« Reply #8 on: April 08, 2017, 09:46:09 AM »
#1 Is your issue fixed/resolved = no more help needed?

#2 As to why so many ports, I am not sure. It would be better to ask the vender what those ports are for, and not just the DVR unit.

An example, but not with the port number(s).

Quote

This given port number for HTTP traffic so that you can remotely view the content on the DVR.

This given port number for HTTP traffic so that you can remotely control the DVR.

This given port number for remote viewing only by cell phone connection.


In the manual / user guide that you provided to me, it does list one or more of those ports and what they are for.

They list the following: HTTP port, Sever port number for DVR/NVR, Mobile (cell phone) / remote port number of DVR/NVR, port 554, and the port range of 3777-3778.
Private messages (PM) are not for support questions or for hints to not yet answered topics. The PMs are basically for confident conversation between the users, off the forum.

Offline HandyMan49

  • PcWinTech Member
  • *
  • Join Date: Mar 2017
  • Posts: 6
  • Karma: 0
Re: Port Fwd Archer C7
« Reply #9 on: April 08, 2017, 10:03:22 AM »
Thank you for your help solving my port forwarding/understanding of port forwarding procedures.

I will visit this board again,

PS: you should use my included images for your instruction pages as the parameters are no longer what was shown.

Thanks Again,
HandyMan49

PcWinTech.com Forums

Re: Port Fwd Archer C7
« Reply #9 on: April 08, 2017, 10:03:22 AM »

 

email