Port fowarding, wth is going on

[thescreensavers]

I cant for the life of me get these damn ports to open

But they are all closed! wtf, I am .235 and I try http://www.utorrent.com/testport?port=2300 and it says its closed, I am completely frustrated been at this for two days now.

WRT54GS V4 running the latest Tomato 1.27

 

[Fardringle]

Are the ports also open in the software firewall(s) on the destination computers?

 

[drebo]

They're going to say "closed" until you have an application running on your system that's listening on those ports. Are you running that application when you test to see if the port is open?

 

[RebateMonger]

They're going to say "closed" until you have an application running on your system that's listening on those ports. Are you running that application when you test to see if the port is open?

I'm not sure that's quite true. I think that Bitorrent tester is looking for a response (even if it's a refusal), rather than a connection.

I just tried "port forwarding" TCP Port 555 inbound on my SBS 2003 server with ISA Server 2004 installed. In ISA, I "published" a server on TCP Port 555, which is the equivalent of port forwarding on a hardware router.

Before creating a new ISA firewall rule dealing with TCP Port 555, the BiTorrent checker reported "An error has occured! Port 555 does not appear to be open."

Then, I "published" a server at TCP Port 555. I HAVE NO APPLICATIONS on my server listening on TCP Port 555. I have no ISA "listeners" set up on TCP Port 555, either.

If I use the following command in DOS:

--- netstat -an |find /i "listening"

it shows nothing listening on TCP Port 555.

But that torrent checker says, "OK! Port 555 is open and accepting connections". You will be able to receive incoming BiTorrent connections.

I looked at my ISA Server logs and see that if I disable the firewall server publishing rule, ISA Server flatly rejects the inbound request on TCP Port 555, since it's unsolicited and isn't allowed by any firewall rules. But if I enable the firewall server publishing rule, ISA Server allows the request, but the connection fails: "No connection could be made becaue the target machine actively refused it."

In the first case, ISA is just dropping the request. A The Bitorrent checker says there's an error. In the second case, ISA allows the request, but the server itself actively refuses it. But it passes the Bitorrent checker.

Similarily, when I enable the publishing (forwarding) rule, GRC's "Shields Up" probe shows TCP 555 as being "Open", but "unknown application for this port". If I disable the publishing rule, "Shields Up" reports a Stealth connection because the incoming requests have been dropped by ISA.

I'd double-check for hardware or software firewalls on that PC. If you are running BiTorrent software on the PC, come in from another PC on the same local network and telnet to the PC on TCP Port 47624:

--- telnet 192.168.2.235 47624

and see if you get a response.

 

[thescreensavers]

Its for a video game, Windows Firewall has the exceptions, the game still does not work.

I tried the telnet thing it gives me an error. telent is not a recognized command blah blah.

Any how the game worked flawlessly a year ago on an earlier patch, they released a new patch recently and caused all these issues and say you need to forward your ports, they need to fix their software imo.

 

[JackMDS]

http://support.microsoft.com/kb/240429

 

[thescreensavers]

^ Yep

I still dont get why it needs the damn ports, shit worked last patch fine.

Ports still aren't forwarded lol, I think I am just going to wipe my router and reinstall Tomato fresh

 

[RadiclDreamer]

Any chance your isp is blocking them?

 

[thescreensavers]

^ I am not sure, it seems that way hmm

I re flashed my router to OEM firmware and erased all the settings. I put my computer on DMZ and still no go on 2300

If I go to https://www.grc.com/port_2300.htm and click probe, it tells me its status is "Stealth" what ever that means.

 

[dawks]

Steath means nothing is responding on that port. Either the port is blocked by your ISP or a local firewall (router or software) is blocking the port. Since you placed your computer in the DMZ, it would indicate either your computers software firewall, or your ISP is blocking the port (or your DMZ isnt configured properly).

Have you tried turning off the Windows Firewall, and connecting your computer directly to the modem (bareback!)? Make sure Windows is fully patched before doing that

 

[seepy83]

Unless I missed something, I've only seen the Windows Firewall mentioned. Are you running any other security suite that includes a software firewall?

 

[thescreensavers]

^ Yep, Windows Firewall off, I cant think of anything. Any how I reinstalled Linksys Firmware restored factory defaults and everything works now lol. I did not have to forward any ports. weird.

 

[thescreensavers]

well it stopped working again.. uggg, I set my router to DMZ and turned off windows firewall but my port says closed now.

 

[RaiderJ]

When forwarding ports on my server with an FTP and HTTP server, I had to reboot DD-WRT before they worked properly. Tomato might be the same way.

 

[thescreensavers]

I rebooted it many times, I am also now using Linksys firmware again, I set my computer for DMZ and set the ports, and made sure my windows firewall was off, now the port scan says closed.

I dont get whats happening I never had problems opening ports before.

 

[RebateMonger]

According to your first attachment, you are trying to port-forward TCP Port 47624 to three different LAN addresses and trying to forward UDP Port 47624 to two different LAN addresses.

In fact, it looks like you are trying to forward all of the listed ports to two or more IP addresses.

You can't do that. You need to choose where you want to send those inbound requests sent to. They can only be forwarded to a single PC. If the router isn't complaining, then it's likely forwarding the ports to the first location in the list and ignoring the rest.

 

[Emulex]

disable upnp and roll your own by hand.

use static addressing.


ALWAYS select a subnet that is not default. when that tomato/dd-wrt blows up during the day when you are at work - resets to default open wifi - you will thank me for reminding you why you chose an obscure network and using static ip for any core boxes. esp shares. trust me on that one.

 

[thescreensavers]

According to your first attachment, you are trying to port-forward TCP Port 47624 to three different LAN addresses and trying to forward UDP Port 47624 to two different LAN addresses.

In fact, it looks like you are trying to forward all of the listed ports to two or more IP addresses.

You can't do that. You need to choose where you want to send those inbound requests sent to. They can only be forwarded to a single PC. If the router isn't complaining, then it's likely forwarding the ports to the first location in the list and ignoring the rest.

I am trying to forward these ports to 3 computers, to play a simple game. That makes sense since the first computer ports worked, the rest did not.

I am now on Linksys firmware and I just soly put my computer in on DMZ and selected the ports and now nothing working on my computer and the ports are not showing as open, but the game works fine on my other computer with no ports assigned, I am extremely frustrated.

I was playing for a bit went out came back and it just did not work any more.

disable upnp and roll your own by hand.

use static addressing.


ALWAYS select a subnet that is not default. when that tomato/dd-wrt blows up during the day when you are at work - resets to default open wifi - you will thank me for reminding you why you chose an obscure network and using static ip for any core boxes. esp shares. trust me on that one.

Yes I have upnp disabled and have static addressing. but what subnet?

 

[Emulex]

say your router is 192.168.1.0/24 - if you just use that - and the router self-destructs and resets to factory open wifi - all your machines will be on that network wide open.

if you chose 10.1.1.1 - the router would reject packets destined for that network (one would hope ) since it would be an illegal ip.

dd-wrt is particularily good at doing this (reboot to factory). buggy.

 

[thescreensavers]

say your router is 192.168.1.0/24 - if you just use that - and the router self-destructs and resets to factory open wifi - all your machines will be on that network wide open.

if you chose 10.1.1.1 - the router would reject packets destined for that network (one would hope ) since it would be an illegal ip.

dd-wrt is particularily good at doing this (reboot to factory). buggy.

Whats this router self destructs thing your talking about? My router is on 192.168.2.1 and I been running the same settings for years with out problems till now with the ports. My computers are set to never auto join, besides my signal does not go too far out of my house.

 

[Emulex]

dunno but it happened to a neighbor. i noticed a neighbor's router went off-air and a new LINKSYS (2.4 and 5ghz) came up - wide-open. tons of shares. i have a +14dbi horn aimed that way (front of house). they moved but i know now they are into gay pr0n.
lol.

just because you think the signal is low someone with a powerful rig can still hit ya up