[SLUG] port forwarding

From: Eben King (eben01@verizon.net)
Date: Tue Jan 23 2007 - 14:32:36 EST


I'm trying to forward a couple ports on my broadband router so that SSH and
my web page are visible (on non-standard ports), but the router won't play
nice. I've done this successfully twice before, so I'm not a total idiot
(only partially so). Obviously I can't show you screen shots, but I can
email them out if requested.

The router is an Actiontec MI424-WR. It's a big guy, something over a foot
tall and almost 2" wide (standing on edge). The Verizon tech brought it
when we got FiOS TV (the set-top box gets its program data from
who-knows-where through a coax connection to the router).

I want to forward external 81 -> HTTP (80) and external 567 -> SSH (22).
So I log into the router @ 192.168.1.38 and click on "Firewall Settings" at
the top, then "Port Forwarding" on the left, then I see:

Networked      Network                         WAN
Computer /     Address                         Connection
Device                        Protocols        Type        Status
-------------  -------------  ---------------  ----------  ------------
192.168.1.11   192.168.1.11   SSH (external)   All         Resolving...
               (Unresolved)   TCP Any -> 567   Broadband
                                               Devices

ebens-desktop  ebens-desktop  HTTP (external)  All         Resolving...
               (Unresolved)   TCP Any -> 81    Broadband
                                               Devices

72.91.128.xxx  72.91.128.xxx  FTP              All         Resolving...
               (Unresolved)   TCP Any -> 21    Broadband
                                               Devices

I left out two columns: "Public IP Address" is blank for each one, and
"Action" has two icons in it for each one: one meaning "edit" and one
meaning "delete".

"ebens-desktop" is the router's name for my desktop machine (192.168.1.11).
I am using DHCP (/etc/network/interfaces says so) and am currently
connected, according to the router. That third item (the one about FTP) was
me just trying something out, using the default options. It can be
junked at any time; I'm not even running an FTP server. The "unresolved"
appears when I click the "Resolve Now" button.

The "unresolved" is what makes it not work. The router's log ends with
this:

Time      Event   Event-Type  Details
--------  ------  ----------  -----------------------------
Jan 23    System  Message     daemon.warn cLink: clink0:
14:10:37  Log                 ioctl(DRV_GET_MY_NODE_INFO)
2007                          failed, res=-1: Bad address.

I found a forum for this ISP, and found (after someone complained about the
same problem):

,--
| Well, "Bad address."
|
| What's the IP of your router?
|
| What's the IP of the machine behind your router you want ports to forward
| to?
|
| Are they on the same subnet? Maybe you typed the IP wrong?
|
| Maybe the IP you are coming in from is unroutable? (probably not)
'--

The solution agreed on in this case was to get around the problem in the
application, so actual port forwarding was never done.

The rule I'm trying to set up seems to pass his tests, except I can't see
how the router's IP address matters. What am I forgetting?

-- 
-eben                                      QebWenE01R@vTerYizUonI.nOetP
1101000 1110100 1110100 1110000 0111010 0101111 0101111 1110010 1101111
1111001 1100001 1101100 1110100 1111001 0101110 1101110 1101111 0101101
1101001 1110000 0101110 1101111 1110010 1100111 0111010 0111000 0110001