New Member
•
3 Messages
Port forwarding on Netgear CG3000DCR not workgin
I've been working on some apps for a client and for testing I need to open up some ports - TCP and UPD, port numbers vary based on the app we're working on.
On our old SMC equipment portforwarding working like a champ, it took a dump, was replaced with this Netgear Modem / Routher / Gateway - so I know it's possible. I've never had a staic IP since it's not a permanent connection - just do development work, apps / projects are loaded up onto our webservers we have installed.
So -- I go into Firewall section of the "Comcast Business Gateway", Port Configuration, set up my ports (public / private are the same), BOTH for protocols, and the IP of the host, check the enable box, then apply. From the outside world, these ports report as closed.
Internally, the ports on the deve (apps) server are fine - meaning the server's firewall is set up correctly. If I load up the apps to my webservers, the port connections are fine.
I have tried opening up various ports on the gateway - 20, 21, 80, 443, 3389, 1723. and others -- nothing opens up, ever. I've rebooted the gateway multiple times, deleted, recreated -- still no go. I've tried connecting to the ports locally via websites that check ports (http://www.yougetsignal.com/tools/open-ports/ for example) - as well as via remote connectoin to one of my remote servers - the ports are closed.
Like I said, ports need to opened for dev / testing work (VPN would be nice too when I'm on the road) - dont' need / want a static IP here (that's why I have several servers in a rack). This all worked great on the SMC, but not on the Netgear.
Do we need new firmware? Does port forwarding even work? I've been working with IT / Networks / Servers for 30+ years.. this is frustrating. Never encountered something like this that just doesnt' work.
Don't try to upsale me on a staic ip -- it's not an option. I shouldn't have to set up a DMZ -- even a cheapo linksys routher handles portforwarding just fine. I'd rather not add equipment as like the stability / simplicity of what I have - - I just need port forwardiing to work!
Accepted Solution
INW_Tim
New Member
•
3 Messages
11 years ago
Testing complete.
With the server app enabled to look for port forwarding, no go. With the server app not enabled to look for port forwarding, all is well. The SMC gateway was the other way around... love technology. 😉 Had solid connections for the 'outsdie world', one for a good long while.
I even changed the functional ports in the server app, still good to go.
I have everything I need to upgrade the server to Windows Server 2008 other than the time to do it. Thanks for the assist!
0
0
Accepted Solution
VBSSP-RICH
Advocate
•
1.4K Messages
11 years ago
Hey INW_Tim,
Glad you were able to complete your testing and at least your Server App Port Forwarding up and working for you.
I do remember many years ago, we had a couple apps using the same port(s) and the port(s) was(were) getting opened/closed by each other inhiniting the total functional operation of both Apps. So , we had to have the developer change one Apps i/o ports to rectify this situation. It sounds similar to your situation, but not a big deal for you I presuppose. Take care......
0
0
VBSSP-RICH
Advocate
•
1.4K Messages
11 years ago
Hello INW_Tim,
So, without dating ourselves you have only been doing IT networking for 30 years, huh? lol
Well let's see if we can get on the same networking page then :
The NetGear 3000 (NG3K) port forwarding works exactly the same as the SMC and actually better in some specific cases through some other business customers I know. So, if a static IP address is not an option, then the ONLY option is for you to use NG3K DHCP dynamic address (10.1.10.10 through 10.1.10.199) port forwarding.
This requires ALL devices MUST be connected directly into the NG3K LanPorts 1-4 via direct or indirect (i.e. through a switch/hub or such a device). Lastly, it will be absolutely necessary for you to force feed every single device with a NG3K LAN DHCP dynamic address utilization for stability purposes. You should consider starting this consecutive sequence at like 10.1.10.150 to allow any other device connected to have the 10.1.10.10 - 10.1.10.149 range left in the dynamic address table. Also, it is mandatory in this configuration that the NG3K Lease Time MUST be set to FOREVER. From here, it is into FIREWALL, PORT CONFIGURATION, ADD all AppName(s), public & private port(s), and NG3K DHCP forced device IP addresses.
Lastly, If you are using Windows 7 or 8 devices make sure that the security, antivirus, etc app(s) and port(s) settings are not being blocked. Very nice tool you use here { (http://www.yougetsignal.com/tools/open-ports/ for example) } but I would be interested in your port setup in this tool for accessing [WAN<->LAN DHCP IP] address to look inside the Netgear to determine if dynamic ip address ports are open?
Look forward to hearing status from you.
0
VBSSP-RICH
Advocate
•
1.4K Messages
11 years ago
Tons of fun....lol
Okay, now that I know what OS W2003 server you have, so you should try to find the PID of your app, then use netstat -ano to determine intrinsically what ports on the server are open for sure. I used this extensively in the XP/2003 days of past and it is usually always on the mark.
Lastly, if your server is connected to a Netgear LanPort 1-4 indirectly through a switch, this should cause no issue with public or private port range 21025 ~ 21027 being opened (port forwarded) on your 10.1.10.15 server within the Netgear whatsoever. .
0
0
INW_Tim
New Member
•
3 Messages
11 years ago
Okay -- this is "fun".
In the application, I can have it look for portforwarding or not. When I have it "on", it sits there looking and the ports are not open to the outside world. Now, if I turn it off in the config, then it starts and the ports are open. It hink the Netgear is looking for something to forward to before it opens the port, and the server app is looking for the open port before it starts (that bit is not my code).
Going to run some tests, will let you know in a couple days.
Gotta love this stuff sometimes.
FYI: Using ports 21025 ~ 21027, Windows Server 2003, internal IP 10.1.10.15 conected to a switch off the Gateway.
0
0