Eben,
Thanks for the tip. It got me thinking along a different
line.
I think I have it solved, though at the moment I have only
partially tested it. I had misinterpreted the Verizon "Add
Ports" and was setting destination and source ports the
same (since I was only opening one port), when I should
have been setting the source port, "single," to "any" and
the destination port for openvpn. With Linksys the
portforwarding has start and end port range spec which are
set to the same for one port, so I just assumed the same
thing with the Verizon router (it has a "single"
or "range", but under each "source" and "destination").
Don
On Saturday 17 January 2009 11:14:23 pm Eben King wrote:
> On Sat, 17 Jan 2009, Donald E Haselwood wrote:
> > I can't get port forwarding to work for on my Verizon
> > FIOS router (ActionTec MI424-WR). Any tips or
> > suggestions?
> >
> > I have an openvpn server setup on a Suse 11.0 box
> > behind the Verizon router (192.168.1.0/24 net) as well
> > as a Linksys router to a 10.1.1.0/24 net. The Suse 11
> > box is on 192.168.1.44 with firewall set to pass the
> > openvpn port. If I set the Verizon router to DMZ
> > 192.168.1.44, connections to the openvpn server from
> > the internet work.
> >
> > However, instead of using DMZ I use port forwarding I
> > cannot make it work. I've found some www posts that
> > indicate that folk are having problems with port
> > forwarding with this router and there are some
> > suggestions, e.g. UPnP enabled can prevent manual port
> > forwarding from working, but so far the only thing that
> > has worked is to DMZ to the server (in fact one www
> > post suggested just using a 2nd router after the
> > Verizon router and using DMZ between the Verizon router
> > and the 2nd router (such as Linksys running DD-WRT).
> >
> > Since a good many SLUG'ers are using Verizon FIOS I
> > thought maybe someone has this issue sorted.
>
> I do port forwarding on "my" MI-424WR on FiOS, but I
> don't use a VPN. Don't know if that'd be helpful.
>
> Actually, I would suggest that you use some sort of
> sniffer on *.44 when it's in the DMZ and make sure it's
> not receiving packets on any ports except those that are
> forwarded when it's not in the DMZ. Unless you've
> already done that, in which case never mind. TCP vs UDP
> might be significant.
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:26:52 EDT